GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
94,400 advisories
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm... (High, Unreviewed): CVE-2024-36451 was published on Jul 10, 2024
node-stringbuilder vulnerable to Out-of-bounds Read (High): CVE-2024-21524 was published for node-stringbuilder (npm) on Jul 10, 2024
images vulnerable to Denial of Service (High): CVE-2024-21523 was published for images (npm) on Jul 10, 2024
node-twain vulnerable to Improper Check or Handling of Exceptional Conditions (High): CVE-2024-21525 was published for node-twain (npm) on Jul 10, 2024
Django vulnerable to Denial of Service (High): CVE-2024-39614 was published for Django (pip) on Jul 10, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... (High, Unreviewed): CVE-2024-6411 was published on Jul 10, 2024
speaker vulnerable to Denial of Service (High): CVE-2024-21526 was published for speaker (npm) on Jul 10, 2024
Django vulnerable to Denial of Service (High): CVE-2024-38875 was published for Django (pip) on Jul 10, 2024
audify vulnerable to Improper Validation of Array Index (High): CVE-2024-21522 was published for audify (npm) on Jul 10, 2024
@discordjs/opus vulnerable to Denial of Service (High): CVE-2024-21521 was published for @discordjs/opus (npm) on Jul 10, 2024
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in... (High, Unreviewed): CVE-2023-7062 was published on Jul 10, 2024
The Houzez CRM plugin for WordPress is vulnerable to time-based SQL Injection via the notes ... (High, Unreviewed): CVE-2024-5792 was published on Jul 10, 2024
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads... (High, Unreviewed): CVE-2023-7061 was published on Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0... (High, Unreviewed): CVE-2024-32670 was published on Jul 10, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -. (High, Unreviewed): CVE-2024-6433 was published on Jul 10, 2024
Windows Text Services Framework Elevation of Privilege Vulnerability (High, Unreviewed): CVE-2024-21417 was published on Jul 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a... (High, Unreviewed): CVE-2024-39881 was published on Jul 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to... (High, Unreviewed): CVE-2024-39880 was published on Jul 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a... (High, Unreviewed): CVE-2024-39882 was published on Jul 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to... (High, Unreviewed): CVE-2024-39883 was published on Jul 10, 2024
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has... (High, Unreviewed): CVE-2024-35154 was published on Jul 10, 2024
BookStack Incorrect Access Control vulnerability (High): CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) on Jul 10, 2024
In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi... (High, Unreviewed): CVE-2024-31332 was published on Jul 9, 2024
In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic... (High, Unreviewed): CVE-2024-34726 was published on Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API