GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,030
Erlang: 29
GitHub Actions: 17
Go: 1,836
Maven: 5,000+
npm: 3,574
NuGet: 632
pip: 3,161
Pub: 10
RubyGems: 847
Rust: 798
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
3,636 advisories

The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2024-7094 was published Aug 13, 2024

A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote...
High | Unreviewed | CVE-2024-5651 was published Aug 12, 2024

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due...
Low | Unreviewed | CVE-2024-22123 was published Aug 12, 2024

An administrator with restricted permissions can exploit the script execution functionality...
Critical | Unreviewed | CVE-2024-22116 was published Aug 12, 2024

Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0...
High | Unreviewed | CVE-2023-33206 was published Aug 8, 2024

An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway...
Moderate | Unreviewed | CVE-2024-37382 was published Aug 8, 2024

Shopware vulnerable to Server Side Template Injection in Twig using Context functions
High | CVE-2024-42356 was published for shopware/core (Composer) Aug 8, 2024

Shopware vulnerable to Server Side Template Injection in Twig using deprecation silence tag
High | CVE-2024-42355 was published for shopware/core (Composer) Aug 8, 2024

An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to...
Moderate | Unreviewed | CVE-2024-3958 was published Aug 8, 2024

Attackers with a valid username and password can exploit a python code injection vulnerability...
High | Unreviewed | CVE-2024-6891 was published Aug 8, 2024

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to...
Critical | Unreviewed | CVE-2024-42393 was published Aug 6, 2024

Editor.js vulnerable to Code Injection
Moderate | CVE-2022-23474 was published for @editorjs/editorjs (npm) Aug 5, 2024

Nuxt vulnerable to remote code execution via the browser when running the test locally
High | CVE-2024-34344 was published for nuxt (npm) Aug 5, 2024

Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v...
Critical | Unreviewed | CVE-2024-40530 was published Aug 5, 2024

WD Discovery versions prior to 5.0.589 contain a misconfiguration in the Node.js environment...
High | Unreviewed | CVE-2024-22169 was published Aug 2, 2024

Apache Inlong Code Injection vulnerability
Critical | CVE-2024-36268 was published for org.apache.inlong:tubemq-core (Maven) Aug 2, 2024

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly...
Moderate | Unreviewed | CVE-2024-6923 was published Aug 1, 2024

Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code...
High | Unreviewed | CVE-2024-6726 was published Jul 29, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2024-41468 was published Jul 26, 2024

OpenAM FreeMarker template injection
High | CVE-2024-41667 was published for org.openidentityplatform.openam:openam-oauth2 (Maven) Jul 25, 2024

Remote code execution in Spring Cloud Data Flow
Critical | CVE-2024-37084 was published for org.springframework.cloud:spring-cloud-skipper (Maven) Jul 25, 2024

An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2024-38944 was published Jul 22, 2024

All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ...
Critical | Unreviewed | CVE-2024-21552 was published Jul 22, 2024

A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected...
Moderate | Unreviewed | CVE-2024-6950 was published Jul 21, 2024

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue...
Moderate | Unreviewed | CVE-2024-6947 was published Jul 21, 2024

ProTip! Advisories are also available from the GraphQL API