GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,156
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
22,389 advisories
Tenda AC18 V15.03.05.05 contains a command injection vulnerability in the deviceName parameter...
Critical
Unreviewed
CVE-2024-28545 was published Mar 26, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33967 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33964 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33971 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33972 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33970 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33974 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33973 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33961 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33963 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33962 was published Aug 6, 2024
SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit...
Critical
Unreviewed
CVE-2024-33957 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33959 was published Aug 6, 2024
SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit...
Critical
Unreviewed
CVE-2024-33958 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33968 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33969 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33966 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33965 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0....
Critical
Unreviewed
CVE-2024-33960 was published Aug 6, 2024
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability...
Critical
Unreviewed
CVE-2024-6202 was published Aug 6, 2024
Improper access control in Calibre 6.9.0 ~ 7.14.0 allows unauthenticated attackers to achieve...
Critical
Unreviewed
CVE-2024-6782 was published Aug 6, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the...
Critical
Unreviewed
CVE-2023-4976 was published Jul 17, 2024
Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter.
Critical
Unreviewed
CVE-2024-31673 was published May 3, 2024
The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied...
Critical
Unreviewed
CVE-2024-2054 was published Mar 21, 2024
In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not...
Critical
Unreviewed
CVE-2024-29858 was published Mar 21, 2024
ProTip! Advisories are also available from the GraphQL API.