GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
913 advisories
An issue was discovered in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute...
Moderate, Unreviewed. CVE-2023-44853 was published Apr 12, 2024

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2023-6494 was published Apr 13, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate, Unreviewed. CVE-2024-40726 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate, Unreviewed. CVE-2024-40735 was published Jul 9, 2024

thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might...
Moderate, Unreviewed. CVE-2009-4491 was published May 2, 2022

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up...
Moderate, Unreviewed. CVE-2021-22204 was published May 24, 2022

A vulnerability was found in DedeCMS 5.7.114. It has been classified as critical. This affects an...
Moderate, Unreviewed. CVE-2024-6940 was published Jul 21, 2024

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This...
Moderate, Unreviewed. CVE-2024-6946 was published Jul 21, 2024

A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools...
Moderate, Unreviewed. CVE-2024-6936 was published Jul 21, 2024

A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected...
Moderate, Unreviewed. CVE-2024-6950 was published Jul 21, 2024

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue...
Moderate, Unreviewed. CVE-2024-6947 was published Jul 21, 2024

Code injection vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12...
Moderate, Unreviewed. CVE-2024-31396 was published May 22, 2024

Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management...
Moderate, Unreviewed. CVE-2024-25202 was published Feb 28, 2024

Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote attackers to...
Moderate, Unreviewed. CVE-2024-31013 was published Apr 3, 2024

Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket.
Moderate, Unreviewed. CVE-2024-27476 was published Apr 10, 2024

An issue in JNT Telecom JNT Liftcom UMS V1.J Core Version JM-V15 allows a remote attacker to...
Moderate, Unreviewed. CVE-2024-30567 was published Apr 16, 2024

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code...
Moderate, Unreviewed. CVE-2024-36531 was published Jun 10, 2024

luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the...
Moderate, Unreviewed. CVE-2024-39209 was published Jun 27, 2024

File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute...
Moderate, Unreviewed. CVE-2023-26877 was published Jun 26, 2024

rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function...
Moderate, Unreviewed. CVE-2024-39002 was published Jul 1, 2024

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken...
Moderate, Unreviewed. CVE-2024-37405 was published Jul 12, 2024

An issue in zuoxingdong lagom v.0.1.2 allows a local attacker to execute arbitrary code via the...
Moderate, Unreviewed. CVE-2024-25359 was published Mar 21, 2024

A reflected cross-site scripting (XSS) vulnerability exists in SuperCali version 1.1.0, allowing...
Moderate, Unreviewed. CVE-2024-27627 was published Mar 5, 2024

Editor.js vulnerable to Code Injection
Moderate. CVE-2022-23474 was published for @editorjs/editorjs (npm) Aug 5, 2024

An issue was discovered in osCommerce v4, allows local attackers to bypass file upload...
Moderate, Unreviewed. CVE-2024-22724 was published Mar 21, 2024

ProTip! Advisories are also available from the GraphQL API