Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,975
Maven
5,000+
npm
3,698
NuGet
654
pip
3,314
Pub
11
RubyGems
882
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

98,853 advisories

Loading
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now... High Unreviewed
CVE-2024-8924 was published Oct 29, 2024
The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... High Unreviewed
CVE-2024-9990 was published Oct 29, 2024
In NetAdmin 4.0.30319, an attacker can steal a valid session cookie and inject it into another... High Unreviewed
CVE-2024-48955 was published Oct 29, 2024
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-7985 was published Oct 29, 2024
Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSL_ERROR_SYSCALL with... High Unreviewed
CVE-2019-25219 was published Oct 29, 2024
Uncontrolled search path in some Intel(R) Battery Life Diagnostic Tool software before version 2... High Unreviewed
CVE-2023-35060 was published Oct 29, 2024
Uncontrolled search path in some Intel(R) SDK for OpenCL(TM) Applications software may allow an... High Unreviewed
CVE-2023-36493 was published Oct 29, 2024
Uncontrolled search path in some Intel(R) CIP software before version 2.4.10577 may allow an... High Unreviewed
CVE-2023-35769 was published Oct 29, 2024
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before... High Unreviewed
CVE-2023-32618 was published Oct 29, 2024
Uncontrolled search path in some Intel(R) Binary Configuration Tool software before version 3.4.4... High Unreviewed
CVE-2023-24591 was published Oct 29, 2024
Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an... High Unreviewed
CVE-2023-25945 was published Oct 29, 2024
Buffer underflow in some Intel(R) PCM software before version 202307 may allow an unauthenticated... High Unreviewed
CVE-2023-34351 was published Oct 29, 2024
mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of... High Unreviewed
CVE-2024-6868 was published Oct 29, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed
CVE-2024-7010 was published Oct 29, 2024
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service ... High Unreviewed
CVE-2024-7807 was published Oct 29, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/admin/profile.php... High Unreviewed
CVE-2024-51181 was published Oct 29, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /ifscfinder/index.php in... High Unreviewed
CVE-2024-51180 was published Oct 29, 2024
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to... High Unreviewed
CVE-2024-7962 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-47640 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49632 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49634 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49637 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49638 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49639 was published Oct 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49641 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database