GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
817 advisories
Filter by severity
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
Moderate
Unreviewed
CVE-2024-42598
was published
Aug 20, 2024
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue...
Moderate
Unreviewed
CVE-2024-7899
was published
Aug 17, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table...
Moderate
Unreviewed
CVE-2024-43128
was published
Aug 13, 2024
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability...
Moderate
Unreviewed
CVE-2023-50810
was published
Aug 12, 2024
An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway...
Moderate
Unreviewed
CVE-2024-37382
was published
Aug 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to...
Moderate
Unreviewed
CVE-2024-3958
was published
Aug 8, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
email module didn’t properly...
Moderate
Unreviewed
CVE-2024-6923
was published
Aug 1, 2024
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3...
Moderate
Unreviewed
CVE-2024-41304
was published
Jul 30, 2024
A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected...
Moderate
Unreviewed
CVE-2024-6950
was published
Jul 21, 2024
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This...
Moderate
Unreviewed
CVE-2024-6946
was published
Jul 21, 2024
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-6947
was published
Jul 21, 2024
A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools...
Moderate
Unreviewed
CVE-2024-6936
was published
Jul 21, 2024
A vulnerability was found in DedeCMS 5.7.114. It has been classified as critical. This affects an...
Moderate
Unreviewed
CVE-2024-6940
was published
Jul 21, 2024
Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken...
Moderate
Unreviewed
CVE-2024-37405
was published
Jul 12, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40735
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40726
was published
Jul 9, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja...
Moderate
Unreviewed
CVE-2024-37934
was published
Jul 9, 2024
QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers...
Moderate
Unreviewed
CVE-2024-39165
was published
Jul 4, 2024
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function...
Moderate
Unreviewed
CVE-2024-39002
was published
Jul 1, 2024
Tada5hi sp-common v0.5.4 was discovered to contain a prototype pollution via the function...
Moderate
Unreviewed
CVE-2024-38990
was published
Jul 1, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
Moderate
Unreviewed
CVE-2024-36075
was published
Jun 27, 2024
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the...
Moderate
Unreviewed
CVE-2024-39209
was published
Jun 27, 2024
File upload vulnerability found in Softexpert Excellence Suite v.2.1 allows attackers to execute...
Moderate
Unreviewed
CVE-2023-26877
was published
Jun 26, 2024
SQL Injection vulnerability in H3C SeaSQL DWS v.2.0 allows a remote attacker to execute arbitrary...
Moderate
Unreviewed
CVE-2024-33335
was published
Jun 20, 2024
nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code...
Moderate
Unreviewed
CVE-2024-36531
was published
Jun 10, 2024
ProTip!
Advisories are also available from the
GraphQL API