GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
11,148 advisories

Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`
Low | CVE-2024-52587 was published for step-security/harden-runner (GitHub Actions) Nov 18, 2024

The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when...
Low | Unreviewed | CVE-2024-5030 was published Nov 18, 2024

Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low | CVE-2024-21539 was published for @eslint/plugin-kit (npm) Nov 15, 2024

Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about...
Low | Unreviewed | CVE-2024-46383 was published Nov 15, 2024

A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows...
Low | Unreviewed | CVE-2022-1226 was published Nov 15, 2024

A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50825 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50826 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50827 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50829 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50830 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50828 was published Nov 14, 2024

A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System...
Low | Unreviewed | CVE-2024-50831 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management...
Low | Unreviewed | CVE-2024-50824 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management...
Low | Unreviewed | CVE-2024-50823 was published Nov 14, 2024

HCL Connections is vulnerable to a broken access control vulnerability that may allow an...
Low | Unreviewed | CVE-2024-42188 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning...
Low | Unreviewed | CVE-2024-50832 was published Nov 14, 2024

A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System...
Low | Unreviewed | CVE-2024-50834 was published Nov 14, 2024

A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning...
Low | Unreviewed | CVE-2024-50835 was published Nov 14, 2024

A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System...
Low | Unreviewed | CVE-2024-50833 was published Nov 14, 2024

s2n-tls has undefined behavior at process exit
Low | GHSA-rp9h-rf7g-hwgr was published for s2n-tls (Rust) Nov 14, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17...
Low | Unreviewed | CVE-2024-9633 was published Nov 14, 2024

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or...
Low | Unreviewed | CVE-2024-10977 was published Nov 14, 2024

IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a...
Low | Unreviewed | CVE-2024-45099 was published Nov 14, 2024

Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may...
Low | Unreviewed | CVE-2024-38660 was published Nov 13, 2024

Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to...
Low | Unreviewed | CVE-2024-34776 was published Nov 13, 2024

ProTip! Advisories are also available from the GraphQL API