Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11,098 advisories

Loading
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a... Low Unreviewed
CVE-2024-10515 was published Nov 20, 2024
Missing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting... Low Unreviewed
CVE-2024-51671 was published Nov 19, 2024
Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts` Low
CVE-2024-52587 was published for step-security/harden-runner (GitHub Actions) Nov 18, 2024
woodruffw
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when... Low Unreviewed
CVE-2024-5030 was published Nov 18, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit Low
CVE-2024-21539 was published for @eslint/plugin-kit (npm) Nov 15, 2024
mariancorneci-snyk SuperMaxine
MikuroXina
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about... Low Unreviewed
CVE-2024-46383 was published Nov 15, 2024
A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows... Low Unreviewed
CVE-2022-1226 was published Nov 15, 2024
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning... Low Unreviewed
CVE-2024-50825 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning... Low Unreviewed
CVE-2024-50826 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning... Low Unreviewed
CVE-2024-50827 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_subject.php in kashipara E-learning... Low Unreviewed
CVE-2024-50829 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/calendar_of_events.php in kashipara E-learning... Low Unreviewed
CVE-2024-50830 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_department.php in kashipara E-learning... Low Unreviewed
CVE-2024-50828 was published Nov 14, 2024
A SQL Injection was found in /admin/admin_user.php in kashipara E-learning Management System... Low Unreviewed
CVE-2024-50831 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/class.php in kashipara E-learning Management... Low Unreviewed
CVE-2024-50824 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management... Low Unreviewed
CVE-2024-50823 was published Nov 14, 2024
HCL Connections is vulnerable to a broken access control vulnerability that may allow an... Low Unreviewed
CVE-2024-42188 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning... Low Unreviewed
CVE-2024-50832 was published Nov 14, 2024
A SQL Injection was found in /admin/teachers.php in KASHIPARA E-learning Management System... Low Unreviewed
CVE-2024-50834 was published Nov 14, 2024
A SQL Injection vulnerability was found in /admin/edit_student.php in KASHIPARA E-learning... Low Unreviewed
CVE-2024-50835 was published Nov 14, 2024
A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System... Low Unreviewed
CVE-2024-50833 was published Nov 14, 2024
s2n-tls has undefined behavior at process exit Low
GHSA-rp9h-rf7g-hwgr was published for s2n-tls (Rust) Nov 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17... Low Unreviewed
CVE-2024-9633 was published Nov 14, 2024
Client use of server error message in PostgreSQL allows a server not trusted under current SSL or... Low Unreviewed
CVE-2024-10977 was published Nov 14, 2024
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a... Low Unreviewed
CVE-2024-45099 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database