GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
99,845 advisories
SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction...
High | Unreviewed | CVE-2024-25407 was published on Feb 13, 2024
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates...
High | Unreviewed | CVE-2024-22126 was published on Feb 13, 2024
CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in...
High | Unreviewed | CVE-2024-24337 was published on Feb 13, 2024
Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows...
High | Unreviewed | CVE-2024-23762 was published on Feb 13, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its...
High | Unreviewed | CVE-2024-22222 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in svc_oscheck...
High | Unreviewed | CVE-2024-0168 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contain an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-0164 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_nas...
High | Unreviewed | CVE-2024-22224 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-0170 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svc_dc...
High | Unreviewed | CVE-2024-22227 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-0165 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability within its...
High | Unreviewed | CVE-2024-22223 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-22228 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the...
High | Unreviewed | CVE-2024-0167 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-22225 was published on Feb 12, 2024
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its...
High | Unreviewed | CVE-2024-0166 was published on Feb 12, 2024
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a...
High | Unreviewed | CVE-2024-0566 was published on Feb 12, 2024
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a...
High | Unreviewed | CVE-2023-6294 was published on Feb 12, 2024
python-multipart vulnerable to Content-Type Header ReDoS
High | CVE-2024-24762 was published for python-multipart (pip) on Feb 12, 2024
libgit2-sys affected by memory corruption, denial of service, and arbitrary code execution in libgit2
High | GHSA-22q8-ghmq-63vf was published for libgit2-sys (Rust) on Feb 12, 2024
OpenRefine JDBC Attack Vulnerability
High | CVE-2024-23833 was published for org.openrefine:database (Maven) on Feb 12, 2024
Processing of CID references at E-Mail can be abused to inject malicious script code that passes...
High | Unreviewed | CVE-2023-41704 was published on Feb 12, 2024
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder &...
High | Unreviewed | CVE-2024-23512 was published on Feb 12, 2024
Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose...
High | Unreviewed | CVE-2024-24926 was published on Feb 12, 2024
Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets...
High | Unreviewed | CVE-2024-24796 was published on Feb 12, 2024
ProTip! Advisories are also available from the GraphQL API.