Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,024
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

111,028 advisories

Loading
Scrypted Cross-site Scripting vulnerability Moderate
CVE-2023-47623 was published for @scrypted/core (npm) Aug 5, 2024
Scrypted Cross-site Scripting vulnerability Moderate
CVE-2023-47620 was published for @scrypted/server (npm) Aug 5, 2024
Apereo CAS vulnerable to credential leaks for LDAP authentication Moderate
CVE-2023-28857 was published for org.apereo.cas:cas-server-support-x509-core (Maven) Aug 5, 2024
lorawan-stack Open Redirect vulnerability Moderate
CVE-2023-26494 was published for go.thethings.network/lorawan-stack/v3 (Go) Aug 5, 2024
Alpine allows Authentication Filter bypass Moderate
CVE-2022-23554 was published for us.springett:alpine (Maven) Aug 5, 2024
Editor.js vulnerable to Code Injection Moderate
CVE-2022-23474 was published for @editorjs/editorjs (npm) Aug 5, 2024
nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSR Moderate
CVE-2024-34343 was published for nuxt (npm) Aug 5, 2024
OhB00
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite... Moderate Unreviewed
CVE-2024-21978 was published Aug 5, 2024
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to... Moderate Unreviewed
CVE-2023-31355 was published Aug 5, 2024
Microweber Cross Site Scripting (XSS) vulnerability Moderate
CVE-2024-41380 was published for microweber/microweber (Composer) Aug 5, 2024
Microweber Cross Site Scripting (XSS) vulnerability Moderate
CVE-2024-41381 was published for microweber/microweber (Composer) Aug 5, 2024
Kubean vulnerable to cluster-level privilege escalation Moderate
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Information disclosure while handling beacon probe frame during scan entry generation in client... Moderate Unreviewed
CVE-2024-21467 was published Aug 5, 2024
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. Moderate Unreviewed
CVE-2024-23357 was published Aug 5, 2024
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR... Moderate Unreviewed
CVE-2024-23350 was published Aug 5, 2024
Information disclosure while handling beacon or probe response frame in STA. Moderate Unreviewed
CVE-2024-21459 was published Aug 5, 2024
A flaw was found in libnbd. The client did not always correctly verify the NBD server's... Moderate Unreviewed
CVE-2024-7383 was published Aug 5, 2024
In regclient, pinned manifest digests may be ignored Moderate
GHSA-qv35-3gw6-8q4j was published for github.com/regclient/regclient (Go) Aug 5, 2024
Apache Airflow Providers FAB Insufficient Session Expiration vulnerability Moderate
CVE-2024-42447 was published for apache-airflow-providers-fab (pip) Aug 5, 2024
The Community Events WordPress plugin before 1.5.1 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2024-6270 was published Aug 5, 2024
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2024-5081 was published Aug 5, 2024
The Pinpoint Booking System WordPress plugin before 2.9.9.4.8 does not sanitise and escape some... Moderate Unreviewed
CVE-2024-3636 was published Aug 5, 2024
The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which... Moderate Unreviewed
CVE-2024-6710 was published Aug 5, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been... Moderate Unreviewed
CVE-2024-7469 was published Aug 5, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been... Moderate Unreviewed
CVE-2024-7470 was published Aug 5, 2024
ProTip! Advisories are also available from the GraphQL API