Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

95,369 advisories

Loading
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
The lacks CSRF checks allowing a user to invite any user to any group (including private groups) High Unreviewed
CVE-2024-2232 was published Aug 5, 2024
Multiple Pimax products accept WebSocket connections from unintended endpoints. If this... High Unreviewed
CVE-2024-41889 was published Aug 5, 2024
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-39713 was published for rocket.chat (npm) Aug 5, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu... High Unreviewed
CVE-2024-7465 was published Aug 5, 2024
A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability... High Unreviewed
CVE-2024-7463 was published Aug 5, 2024
A vulnerability classified as critical has been found in TOTOLINK N350RT 9.3.5u.6139_B20201216.... High Unreviewed
CVE-2024-7462 was published Aug 5, 2024
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable... High Unreviewed
CVE-2024-6331 was published Aug 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has... High Unreviewed
CVE-2024-7441 was published Aug 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and... High Unreviewed
CVE-2024-7439 was published Aug 3, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-7031 was published Aug 3, 2024
The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up... High Unreviewed
CVE-2024-7291 was published Aug 3, 2024
WD Discovery versions prior to 5.0.589 contain a misconfiguration in the Node.js environment... High Unreviewed
CVE-2024-22169 was published Aug 2, 2024
openstack-heat may disclose sensitive information High
CVE-2024-7319 was published for openstack-heat (pip) Aug 2, 2024
SQL injection vulnerability in AzureSoft MyHorus 4.3.5 allows authenticated users to execute... High Unreviewed
CVE-2024-28297 was published Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38888 was published Aug 2, 2024
Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`) High
CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024
artsploit
Reposilite artifacts vulnerable to Stored Cross-site Scripting High
CVE-2024-36115 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024
artsploit
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38885 was published Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38881 was published Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38884 was published Aug 2, 2024
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... High Unreviewed
CVE-2024-33894 was published Aug 2, 2024
An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in... High Unreviewed
CVE-2024-41518 was published Aug 2, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and... High Unreviewed
CVE-2024-38890 was published Aug 2, 2024
ProTip! Advisories are also available from the GraphQL API