Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,036
Erlang
29
GitHub Actions
18
Go
1,848
Maven
5,000+
npm
3,582
NuGet
636
pip
3,165
Pub
10
RubyGems
850
Rust
803
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

226,062 advisories

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack... Moderate Unreviewed
CVE-2024-35116 was published Jun 29, 2024
In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of... Critical Unreviewed
CVE-2024-42815 was published Aug 19, 2024
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting... Moderate Unreviewed
CVE-2024-35539 was published Aug 19, 2024
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-42568 was published Aug 20, 2024
Memory corruption while processing IOCTL handler in FastRPC. High Unreviewed
CVE-2023-43554 was published Jul 1, 2024
A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory... High Unreviewed
CVE-2024-42577 was published Aug 20, 2024
A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory... High Unreviewed
CVE-2024-42584 was published Aug 20, 2024
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-42572 was published Aug 20, 2024
Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the... Moderate Unreviewed
CVE-2024-39094 was published Aug 20, 2024
A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System... High Unreviewed
CVE-2024-42579 was published Aug 20, 2024
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-42573 was published Aug 20, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could... High Unreviewed
CVE-2024-34458 was published Aug 20, 2024
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure. High Unreviewed
CVE-2024-42006 was published Aug 20, 2024
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42616 was published Aug 20, 2024
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42612 was published Aug 20, 2024
A cross-site scripting (XSS) vulnerability in the component /index/index.html of YZNCMS v1.4.2... Moderate Unreviewed
CVE-2024-42939 was published Aug 21, 2024
Command go env is documented as outputting a shell script containing the Go environment. However,... Critical Unreviewed
CVE-2023-24531 was published Jul 2, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... High Unreviewed
CVE-2022-25480 was published Jul 2, 2024
null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker... High Unreviewed
CVE-2024-38477 was published Jul 1, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... Moderate Unreviewed
CVE-2022-25479 was published Jul 2, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote... Critical Unreviewed
CVE-2024-27712 was published Jul 5, 2024
An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does... Critical Unreviewed
CVE-2024-44070 was published Aug 19, 2024
Information Disclosure while parsing beacon frame in STA. Moderate Unreviewed
CVE-2024-21456 was published Jul 1, 2024
A vulnerability was found in itsourcecode Farm Management System 1.0. It has been rated as... High Unreviewed
CVE-2024-6190 was published Jun 20, 2024
Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows... Critical Unreviewed
CVE-2024-38474 was published Jul 1, 2024
ProTip! Advisories are also available from the GraphQL API