GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113 advisories
Filter by severity
There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9...
High
Unreviewed
CVE-2024-38040
was published
Oct 4, 2024
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9275
was published
Sep 27, 2024
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource...
Critical
Unreviewed
CVE-2024-9142
was published
Sep 25, 2024
Proxmox Virtual Environment is an open-source server management platform for enterprise...
High
Unreviewed
CVE-2024-21545
was published
Sep 25, 2024
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A...
High
Unreviewed
CVE-2023-28603
was published
Jun 13, 2023
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for...
High
Unreviewed
CVE-2024-7626
was published
Sep 11, 2024
Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible
because the...
Moderate
Unreviewed
CVE-2024-0849
was published
Feb 7, 2024
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Moderate
CVE-2019-14905
was published
for
ansible
(pip)
Apr 20, 2021
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec...
High
Unreviewed
CVE-2024-33671
was published
Apr 26, 2024
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows...
High
Unreviewed
CVE-2024-6255
was published
Jul 31, 2024
Weblate vulnerable to improper sanitization of project backups
Moderate
CVE-2024-39303
was published
for
Weblate
(pip)
Jul 1, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7911
was published
Aug 18, 2024
Windows Compressed Folder Tampering Vulnerability
Moderate
Unreviewed
CVE-2024-38165
was published
Aug 13, 2024
Microsoft Outlook Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-38173
was published
Aug 13, 2024
A vulnerability was found in itsourcecode Airline Reservation System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-7497
was published
Aug 6, 2024
A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-7496
was published
Aug 6, 2024
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to...
Critical
Unreviewed
CVE-2024-28394
was published
Mar 20, 2024
A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1...
Moderate
Unreviewed
CVE-2024-6937
was published
Jul 21, 2024
An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local...
High
Unreviewed
CVE-2024-6714
was published
Jul 23, 2024
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-38049
was published
Jul 9, 2024
External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows...
Moderate
Unreviewed
CVE-2024-23317
was published
Jul 11, 2024
Remote Command program allows an attacker to read any file using a Local File Inclusion...
Moderate
Unreviewed
CVE-2024-27175
was published
Jun 14, 2024
An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an...
Moderate
Unreviewed
CVE-2024-33860
was published
May 7, 2024
External Control of File Name or Path in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5334
was published
Jun 27, 2024
Remote code execution in web server context
High
CVE-2024-37295
was published
for
aimeos/aimeos-core
(Composer)
Jun 5, 2024
ProTip!
Advisories are also available from the
GraphQL API