GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
92,864 advisories
Filter by severity
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a...
High
Unreviewed
CVE-2023-6816
was published
Jan 18, 2024
A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This...
High
Unreviewed
CVE-2024-0648
was published
Jan 18, 2024
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
High
Unreviewed
CVE-2024-20272
was published
Jan 17, 2024
Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High
Unreviewed
CVE-2024-22715
was published
Jan 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS...
High
Unreviewed
CVE-2022-41990
was published
Jan 17, 2024
In Progress MOVEit Transfer versions released before 2022.0.10 (14.0.10), 2022.1.11 (14.1.11),...
High
Unreviewed
CVE-2024-0396
was published
Jan 17, 2024
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security...
High
Unreviewed
CVE-2024-0646
was published
Jan 17, 2024
Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could...
High
Unreviewed
CVE-2024-0645
was published
Jan 17, 2024
The Track The Click WordPress plugin before 0.3.12 does not properly sanitize query parameters to...
High
Unreviewed
CVE-2023-5041
was published
Jan 17, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High
Unreviewed
CVE-2023-51740
was published
Jan 17, 2024
This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to transmission of...
High
Unreviewed
CVE-2023-51741
was published
Jan 17, 2024
ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php s_score2 parameter.
High
Unreviewed
CVE-2023-52285
was published
Jan 17, 2024
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is...
High
Unreviewed
CVE-2024-0405
was published
Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High
Unreviewed
CVE-2024-20932
was published
Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High
Unreviewed
CVE-2024-20918
was published
Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High
Unreviewed
CVE-2024-20952
was published
Jan 17, 2024
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an...
High
Unreviewed
CVE-2024-0603
was published
Jan 17, 2024
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager...
High
Unreviewed
CVE-2024-20916
was published
Jan 17, 2024
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported...
High
Unreviewed
CVE-2024-20924
was published
Jan 17, 2024
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to...
High
Unreviewed
CVE-2024-0518
was published
Jan 17, 2024
Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to...
High
Unreviewed
CVE-2024-0517
was published
Jan 17, 2024
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote...
High
Unreviewed
CVE-2024-0519
was published
Jan 17, 2024
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
High
Unreviewed
CVE-2023-21901
was published
Jan 17, 2024
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal...
High
Unreviewed
CVE-2023-5097
was published
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API