GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,029
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,070
Rust: 1,404
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
31,068 advisories
Stack overflow vulnerability in the NFC module. Successful exploitation of this vulnerability may...
Critical
Unreviewed
CVE-2023-52369 was published Feb 18, 2024
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based...
Critical
Unreviewed
CVE-2024-0610 was published Feb 17, 2024
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is...
Critical
Unreviewed
CVE-2024-1512 was published Feb 17, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915 was published Feb 16, 2024
Tongda OA v2017 and up to v11.9 was discovered to contain a SQL injection vulnerability via the ...
Critical
Unreviewed
CVE-2024-25320 was published Feb 16, 2024
In attp_build_read_by_type_value_cmd of att_protocol.cc, there is a possible out of bounds write...
Critical
Unreviewed
CVE-2024-0031 was published Feb 16, 2024
An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to...
Critical
Unreviewed
CVE-2024-25414 was published Feb 16, 2024
A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved...
Critical
Unreviewed
CVE-2024-25413 was published Feb 16, 2024
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15...
Critical
Unreviewed
CVE-2024-23674 was published Feb 16, 2024
In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free....
Critical
Unreviewed
CVE-2023-40115 was published Feb 16, 2024
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution...
Critical
Unreviewed
CVE-2023-40057 was published Feb 15, 2024
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal...
Critical
Unreviewed
CVE-2024-23479 was published Feb 15, 2024
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal...
Critical
Unreviewed
CVE-2024-23476 was published Feb 15, 2024
Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-25502 was published Feb 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-7081 was published Feb 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-5155 was published Feb 15, 2024
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7...
Critical
Unreviewed
CVE-2024-23113 was published Feb 15, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical
Unreviewed
CVE-2024-20738 was published Feb 15, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information...
Critical
Unreviewed
CVE-2023-39245 was published Feb 15, 2024
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ...
Critical
Unreviewed
CVE-2023-28078 was published Feb 15, 2024
Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below...
Critical
Unreviewed
CVE-2023-32484 was published Feb 15, 2024
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection...
Critical
Unreviewed
CVE-2023-32462 was published Feb 15, 2024
INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same...
Critical
Unreviewed
CVE-2024-0390 was published Feb 15, 2024
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow...
Critical
Unreviewed
CVE-2022-23085 was published Feb 15, 2024
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer...
Critical
Unreviewed
CVE-2022-23086 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API.