GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,477
Composer 3,978
Erlang 29
GitHub Actions 16
Go 1,768
Maven 4,991
npm 3,537
NuGet 616
pip 3,107
Pub 10
RubyGems 837
Rust 786
Swift 34

Unreviewed advisories

All unreviewed 222,644

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,445 advisories

Filter by severity

Sort by

Least recently updated

Red-DiscordBot vulnerable to Incorrect Authorization in commands API Moderate

CVE-2024-39905 was published for Red-DiscordBot (pip) Jul 11, 2024

Wagtail regular expression denial-of-service via search query parsing Moderate

CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024

Django vulnerable to user enumeration attack Moderate

CVE-2024-39329 was published for Django (pip) Jul 10, 2024

zipp Denial of Service vulnerability Moderate

CVE-2024-5569 was published for zipp (pip) Jul 9, 2024

Khoj Open Redirect Vulnerability in Login Page Moderate

GHSA-564j-v29w-rqr6 was published for khoj-assistant (pip) Jul 8, 2024

Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL Moderate

CVE-2024-31223 was published for ethyca-fides (pip) Jul 5, 2024

OpenStack Cinder, Glance, and Nova vulnerable to arbitrary file access Moderate

CVE-2024-32498 was published for cinder (pip) Jul 5, 2024

Weblate vulnerable to improper sanitization of project backups Moderate

CVE-2024-39303 was published for Weblate (pip) Jul 1, 2024

Reflected Cross-Site Scripting (XSS) in zenml Moderate

CVE-2024-5062 was published for zenml (pip) Jun 30, 2024

litellm vulnerable to improper access control in team management Moderate

CVE-2024-5710 was published for litellm (pip) Jun 27, 2024

Directory creation by malicious user in saltstack Moderate

CVE-2024-22231 was published for salt (pip) Jun 27, 2024

Cross-site Scripting in djangorestframework Moderate

CVE-2024-21520 was published for djangorestframework (pip) Jun 26, 2024

CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store` Moderate

CVE-2023-49793 was published for codechecker (pip) Jun 24, 2024

Improper line feed handling in zenml Moderate

CVE-2024-4460 was published for zenml (pip) Jun 24, 2024

Remote Code Execution in create_conda_env function in lollms Moderate

CVE-2024-3121 was published for lollms (pip) Jun 24, 2024

Open redirect in gradio Moderate

CVE-2024-4940 was published for gradio (pip) Jun 22, 2024

Apache Superset server arbitrary file read Moderate

CVE-2024-34693 was published for apache-superset (pip) Jun 20, 2024

TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option Moderate

CVE-2024-38356 was published for TinyMCE (Composer) Jun 19, 2024

TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements Moderate

CVE-2024-38357 was published for TinyMCE (Composer) Jun 19, 2024

urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects Moderate

CVE-2024-37891 was published for urllib3 (pip) Jun 17, 2024

Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components Moderate

GHSA-hjx6-f647-mvf9 was published for invenio-communities (pip) Jun 12, 2024

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate

CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024

Tornado has a CRLF injection in CurlAsyncHTTPClient headers Moderate

GHSA-w235-7p84-xx57 was published for tornado (pip) Jun 6, 2024

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado Moderate

GHSA-753j-mpmx-qq6g was published for tornado (pip) Jun 6, 2024

SQL injection in litellm Moderate

CVE-2024-5225 was published for litellm (pip) Jun 6, 2024

Previous 1 2 3 4 5 … 57 58 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,445 advisories