Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,028
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,157
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

244,475 advisories

Loading
Apache Airflow Potential Cross-site Scripting Vulnerability Moderate
CVE-2024-39863 was published for apache-airflow (pip) Jul 17, 2024
A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-6899 was published Jul 19, 2024
A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical.... Moderate Unreviewed
CVE-2024-6009 was published Jun 15, 2024
A vulnerability was found in itsourcecode Online Book Store 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2024-6013 was published Jun 15, 2024
A vulnerability classified as critical was found in itsourcecode Online House Rental System 1.0.... Moderate Unreviewed
CVE-2024-6015 was published Jun 15, 2024
A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified... Moderate Unreviewed
CVE-2024-6898 was published Jul 19, 2024
A vulnerability was found in SourceCodester Record Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-6900 was published Jul 19, 2024
Calibre-Web Cross Site Scripting (XSS) Moderate
CVE-2024-39123 was published for calibreweb (pip) Jul 19, 2024
A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry... Moderate Unreviewed
CVE-2024-6016 was published Jun 15, 2024
A vulnerability classified as critical was found in SourceCodester Record Management System 1.0.... Moderate Unreviewed
CVE-2024-6902 was published Jul 19, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Record... Moderate Unreviewed
CVE-2024-6903 was published Jul 19, 2024
Apache CXF Denial of Service vulnerability in JOSE Moderate
CVE-2024-32007 was published for org.apache.cxf:cxf-rt-rs-security-jose (Maven) Jul 19, 2024
Apache CXF allows unrestricted memory consumption in CXF HTTP clients Low
CVE-2024-41172 was published for org.apache.cxf:cxf-rt-transports-http (Maven) Jul 19, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network... Moderate Unreviewed
CVE-2024-6895 was published Jul 19, 2024
Automad arbitrary file upload vulnerability High
CVE-2024-40400 was published for automad/automad (Composer) Jul 19, 2024
A vulnerability was found in itsourcecode Simple Task List 1.0. It has been classified as... Moderate Unreviewed
CVE-2024-6808 was published Jul 17, 2024
A vulnerability classified as critical has been found in SourceCodester Record Management System... Moderate Unreviewed
CVE-2024-6901 was published Jul 19, 2024
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic.... Low Unreviewed
CVE-2024-3735 was published Apr 13, 2024
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate... Moderate Unreviewed
CVE-2024-6908 was published Jul 19, 2024
ProcessWire Cross Site Request Forgery vulnerability Moderate
CVE-2024-41597 was published for processwire/processwire (Composer) Jul 19, 2024
A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows.... Moderate Unreviewed
CVE-2024-6746 was published Jul 15, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Online... Moderate Unreviewed
CVE-2024-6801 was published Jul 17, 2024
A vulnerability has been found in itsourcecode Document Management System 1.0 and classified as... Moderate Unreviewed
CVE-2024-6803 was published Jul 17, 2024
dbt has an implicit override for built-in materializations from installed packages Moderate
CVE-2024-40637 was published for dbt-core (pip) Jul 17, 2024
brabster
matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check Moderate
CVE-2024-40648 was published for matrix-sdk-crypto (Rust) Jul 18, 2024
dkasak poljar
ProTip! Advisories are also available from the GraphQL API