GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,703
NuGet: 661
pip: 3,329
Pub: 11
RubyGems: 884
Rust: 843
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,142 advisories
A vulnerability classified as critical has been found in code-projects E-Health Care System 1.0....
Moderate, Unreviewed. CVE-2024-10989 was published Nov 8, 2024

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as...
Moderate, Unreviewed. CVE-2024-10969 was published Nov 7, 2024

A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared...
Moderate, Unreviewed. CVE-2024-10968 was published Nov 7, 2024

A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as...
Moderate, Unreviewed. CVE-2024-10967 was published Nov 7, 2024

Moodle vulnerable to cache poisoning via injection into storage
Moderate. CVE-2024-43428 was published for moodle/moodle (Composer) Nov 7, 2024

A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software...
Moderate, Unreviewed. CVE-2024-10946 was published Nov 7, 2024

A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software...
Moderate, Unreviewed. CVE-2024-10947 was published Nov 7, 2024

A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic....
Moderate, Unreviewed. CVE-2024-10928 was published Nov 7, 2024

A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic....
Moderate, Unreviewed. CVE-2024-10927 was published Nov 7, 2024

A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This...
Moderate, Unreviewed. CVE-2024-10926 was published Nov 6, 2024

A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by...
Moderate, Unreviewed. CVE-2024-10919 was published Nov 6, 2024

Symfony allows changing the environment through a query
Moderate. CVE-2024-50340 was published for symfony/runtime (Composer) Nov 6, 2024

Plenti arbitrary file deletion vulnerability
High. CVE-2024-49381 was published for github.com/plentico/plenti (Go) Oct 31, 2024

Plenti arbitrary file write vulnerability
High. CVE-2024-49380 was published for github.com/plentico/plenti (Go) Oct 31, 2024

A vulnerability has been identified in the Express response.links function, allowing for...
Moderate, Unreviewed. CVE-2024-10491 was published Oct 29, 2024

lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification...
Moderate, Unreviewed. CVE-2024-7472 was published Oct 29, 2024

Langchain SQL Injection vulnerability
Low. CVE-2024-8309 was published for langchain (pip) Oct 29, 2024

Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
Moderate. CVE-2024-48927 was published for Umbraco.Cms (NuGet) Oct 22, 2024

cookie accepts cookie name, path, and domain with out of bounds characters
Low. CVE-2024-47764 was published for cookie (npm) Oct 4, 2024

DataEase's H2 datasource has a remote command execution risk
Critical. CVE-2024-46997 was published for io.dataease:common (Maven) Sep 23, 2024

Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP...
Moderate, Unreviewed. CVE-2024-25673 was published Sep 19, 2024

SOFA Hessian Remote Command Execution (RCE) Vulnerability
High. CVE-2024-46983 was published for com.alipay.sofa:hessian (Maven) Sep 19, 2024

Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182)
High. CVE-2024-46986 was published for camaleon_cms (RubyGems) Sep 18, 2024

Contao affected by insert tag injection via canonical URL
Moderate. CVE-2024-45612 was published for contao/core-bundle (Composer) Sep 17, 2024

D-Tale Command Execution Vulnerability
Moderate. CVE-2024-8862 was published for dtale (pip) Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API