Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,142 advisories

Loading
A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-10919 was published Nov 6, 2024
A user controlled parameter related to SMTP test functionality is not correctly validated making... High Unreviewed
CVE-2021-31988 was published May 24, 2022
A vulnerability classified as critical was found in SourceCodester Online Veterinary Appointment... Moderate Unreviewed
CVE-2024-10990 was published Nov 8, 2024
A vulnerability, which was classified as critical, has been found in Codezips Hospital... Moderate Unreviewed
CVE-2024-10991 was published Nov 8, 2024
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-10969 was published Nov 7, 2024
A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-10968 was published Nov 7, 2024
A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as... Moderate Unreviewed
CVE-2024-10967 was published Nov 7, 2024
Moodle vulnerable to cache poisoning via injection into storage Moderate
CVE-2024-43428 was published for moodle/moodle (Composer) Nov 7, 2024
Langchain SQL Injection vulnerability Critical
CVE-2023-32785 was published for langchain (pip) Oct 21, 2023
bertuxdeveloper
A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software... Moderate Unreviewed
CVE-2024-10946 was published Nov 7, 2024
A vulnerability classified as critical was found in Guangzhou Tuchuang Computer Software... Moderate Unreviewed
CVE-2024-10947 was published Nov 7, 2024
A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic.... Moderate Unreviewed
CVE-2024-10928 was published Nov 7, 2024
A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-10927 was published Nov 7, 2024
Symfony allows changing the environment through a query Moderate
CVE-2024-50340 was published for symfony/runtime (Composer) Nov 6, 2024
wouterj
A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This... Moderate Unreviewed
CVE-2024-10926 was published Nov 6, 2024
Plenti arbitrary file deletion vulnerability High
CVE-2024-49381 was published for github.com/plentico/plenti (Go) Oct 31, 2024
Plenti arbitrary file write vulnerability High
CVE-2024-49380 was published for github.com/plentico/plenti (Go) Oct 31, 2024
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification... Moderate Unreviewed
CVE-2024-7472 was published Oct 29, 2024
A vulnerability has been identified in the Express response.links function, allowing for... Moderate Unreviewed
CVE-2024-10491 was published Oct 29, 2024
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when... High Unreviewed
CVE-2023-26130 was published May 30, 2023
SQLFluff users with access to config file, using `libary_path` may call arbitrary python code Moderate
CVE-2023-36830 was published for sqlfluff (pip) Jul 6, 2023
Remote Code Execution in Red Discord Bot High
CVE-2020-15147 was published for Red-DiscordBot (pip) Aug 21, 2020
Jackenmen
Remote Code Execution in Red Discord Bot Moderate
CVE-2020-15140 was published for Red-DiscordBot (pip) Aug 21, 2020
douglascdev
SaltStack Salt is vulnerable to shell injection via ProxyCommand argument Critical
CVE-2021-3197 was published for salt (pip) May 24, 2022
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice Moderate
CVE-2024-48927 was published for Umbraco.Cms (NuGet) Oct 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database