Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,067
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,624
NuGet
638
pip
3,235
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,767 advisories

Loading
IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded... High Unreviewed
CVE-2024-38319 was published Jun 22, 2024
SQL Injection vulnerability in H3C SeaSQL DWS v.2.0 allows a remote attacker to execute arbitrary... Moderate Unreviewed
CVE-2024-33335 was published Jun 20, 2024
js2py allows remote code execution High
CVE-2024-28397 was published for js2py (pip) Jun 20, 2024
XWiki Platform allows remote code execution from user account Critical
CVE-2024-37899 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 20, 2024
The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions... High Unreviewed
CVE-2024-3562 was published Jun 20, 2024
In the module "Module Live Chat Pro (All in One Messaging)" (livechatpro) <=8.4.0, a guest can... Critical Unreviewed
CVE-2024-36679 was published Jun 19, 2024
Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this... Critical Unreviewed
CVE-2024-37124 was published Jun 19, 2024
Dolibarr arbitrary file upload vulnerability High
CVE-2024-37821 was published for dolibarr/dolibarr (Composer) Jun 18, 2024
A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via... Critical Unreviewed
CVE-2024-36575 was published Jun 17, 2024
Badger Database Prototype Pollution High
CVE-2024-36581 was published for @abw/badger-database (npm) Jun 17, 2024
An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to... Critical Unreviewed
CVE-2024-38396 was published Jun 16, 2024
Xenforo before 2.2.16 allows code injection. High Unreviewed
CVE-2024-38458 was published Jun 16, 2024
htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is... Critical Unreviewed
CVE-2024-38448 was published Jun 16, 2024
In iTerm2 before 3.5.2, the "Terminal may report window title" setting is not honored, and thus... Critical Unreviewed
CVE-2024-38395 was published Jun 16, 2024
An arbitrary file upload vulnerability in Aegon Life v1.0 allows attackers to execute arbitrary... High Unreviewed
CVE-2024-36598 was published Jun 14, 2024
In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a... High Unreviewed
CVE-2024-32925 was published Jun 13, 2024
A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to... Critical Unreviewed
CVE-2024-37849 was published Jun 13, 2024
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the... Critical Unreviewed
CVE-2024-1577 was published Jun 12, 2024
Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote... High Unreviewed
CVE-2024-5834 was published Jun 11, 2024
Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could... Critical Unreviewed
CVE-2024-34405 was published Jun 11, 2024
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... High Unreviewed
CVE-2024-27857 was published Jun 10, 2024
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS... High Unreviewed
CVE-2022-32897 was published Jun 10, 2024
Langflow remote code execution vulnerability High
CVE-2024-37014 was published for langflow (pip) Jun 10, 2024
Vulnerability discovered by executing a planned security audit. Improper Control of Generation... High Unreviewed
CVE-2024-34761 was published Jun 10, 2024
nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code... Moderate Unreviewed
CVE-2024-36531 was published Jun 10, 2024
ProTip! Advisories are also available from the GraphQL API