GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
92,864 advisories
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a...
High | Unreviewed | CVE-2023-6816 was published Jan 18, 2024
A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This...
High | Unreviewed | CVE-2024-0648 was published Jan 18, 2024
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
High | Unreviewed | CVE-2024-20272 was published Jan 17, 2024
Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2024-22715 was published Jan 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS...
High | Unreviewed | CVE-2022-41990 was published Jan 17, 2024
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11),...
High | Unreviewed | CVE-2024-0396 was published Jan 17, 2024
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security...
High | Unreviewed | CVE-2024-0646 was published Jan 17, 2024
The Track The Click WordPress plugin before 0.3.12 does not properly sanitize query parameters to...
High | Unreviewed | CVE-2023-5041 was published Jan 17, 2024
Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could...
High | Unreviewed | CVE-2024-0645 was published Jan 17, 2024
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php s_score2 parameter.
High | Unreviewed | CVE-2023-52285 was published Jan 17, 2024
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High | Unreviewed | CVE-2023-51740 was published Jan 17, 2024
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High | Unreviewed | CVE-2023-51741 was published Jan 17, 2024
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is...
High | Unreviewed | CVE-2024-0405 was published Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2024-20918 was published Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2024-20952 was published Jan 17, 2024
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported...
High | Unreviewed | CVE-2024-20924 was published Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2024-20932 was published Jan 17, 2024
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager...
High | Unreviewed | CVE-2024-20916 was published Jan 17, 2024
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an...
High | Unreviewed | CVE-2024-0603 was published Jan 17, 2024
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
High | Unreviewed | CVE-2023-21901 was published Jan 17, 2024
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to...
High | Unreviewed | CVE-2024-0518 was published Jan 17, 2024
Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to...
High | Unreviewed | CVE-2024-0517 was published Jan 17, 2024
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote...
High | Unreviewed | CVE-2024-0519 was published Jan 17, 2024
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal...
High | Unreviewed | CVE-2023-5097 was published Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API.