Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

22,389 advisories

Loading
The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for... Critical Unreviewed
CVE-2024-7350 was published Aug 8, 2024
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300... Critical Unreviewed
CVE-2024-20454 was published Aug 7, 2024
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300... Critical Unreviewed
CVE-2024-20450 was published Aug 7, 2024
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. Critical Unreviewed
CVE-2024-34479 was published Aug 7, 2024
An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa... Critical Unreviewed
CVE-2024-41247 was published Aug 7, 2024
Jenkins Remoting library arbitrary file read vulnerability Critical
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
Django SQL injection vulnerability Critical
CVE-2024-42005 was published for Django (pip) Aug 7, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an... Critical Unreviewed
CVE-2024-36130 was published Aug 7, 2024
There is a vulnerability in the AP Certificate Management Service which could allow a threat... Critical Unreviewed
CVE-2024-42395 was published Aug 6, 2024
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to... Critical Unreviewed
CVE-2024-42393 was published Aug 6, 2024
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a... Critical Unreviewed
CVE-2024-28739 was published Aug 6, 2024
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to... Critical Unreviewed
CVE-2024-42394 was published Aug 6, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote... Critical Unreviewed
CVE-2024-7003 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39227 was published Aug 6, 2024
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72... Critical Unreviewed
CVE-2024-6995 was published Aug 6, 2024
Long pressing on a download link could potentially allow Javascript commands to be executed... Critical Unreviewed
CVE-2024-43111 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39225 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39228 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39226 was published Aug 6, 2024
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request... Critical Unreviewed
CVE-2024-33897 was published Aug 6, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed
CVE-2024-7525 was published Aug 6, 2024
Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability... Critical Unreviewed
CVE-2024-7521 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0.... Critical Unreviewed
CVE-2024-33971 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0.... Critical Unreviewed
CVE-2024-33972 was published Aug 6, 2024
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0.... Critical Unreviewed
CVE-2024-33970 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API