GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,475

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,538 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2024-23505 was published Jan 31, 2024

A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as... Moderate Unreviewed

CVE-2023-5992 was published Jan 31, 2024

An integer overflow was found in the __vsyslog_internal function of the glibc library. This... Moderate Unreviewed

CVE-2023-6780 was published Jan 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browser Theme Color.This issue... Moderate Unreviewed

CVE-2024-22291 was published Jan 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpage Manager.This issue... Moderate Unreviewed

CVE-2024-22285 was published Jan 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshMail For WordPress.This... Moderate Unreviewed

CVE-2024-22304 was published Jan 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check.This issue affects WP Spell... Moderate Unreviewed

CVE-2024-22143 was published Jan 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons – Widgets,... Moderate Unreviewed

CVE-2024-22136 was published Jan 31, 2024

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as... Moderate Unreviewed

CVE-2024-1103 was published Jan 31, 2024

Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop... Moderate Unreviewed

CVE-2024-0589 was published Jan 31, 2024

A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low... Moderate Unreviewed

CVE-2023-50357 was published Jan 31, 2024

A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected... Moderate Unreviewed

CVE-2024-1099 was published Jan 31, 2024

A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue... Moderate Unreviewed

CVE-2024-1098 was published Jan 31, 2024

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing... Moderate Unreviewed

CVE-2024-23170 was published Jan 31, 2024

A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This... Moderate Unreviewed

CVE-2024-1012 was published Jan 31, 2024

The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is... Moderate Unreviewed

CVE-2024-0836 was published Jan 31, 2024

A timing side-channel vulnerability has been discovered in the opencryptoki package while... Moderate Unreviewed

CVE-2024-0914 was published Jan 31, 2024

The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro'... Moderate Unreviewed

CVE-2023-2439 was published Jan 31, 2024

Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute... Moderate Unreviewed

CVE-2024-22569 was published Jan 31, 2024

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate Unreviewed

CVE-2024-21388 was published Jan 30, 2024

In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its... Moderate Unreviewed

CVE-2023-46231 was published Jan 30, 2024

HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker... Moderate Unreviewed

CVE-2023-37518 was published Jan 30, 2024

A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of... Moderate Unreviewed

CVE-2024-0564 was published Jan 30, 2024

Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed

CVE-2024-0674 was published Jan 30, 2024

Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1... Moderate Unreviewed

CVE-2024-0676 was published Jan 30, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,538 advisories