GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,049
Erlang: 29
GitHub Actions: 18
Go: 1,871
Maven: 5,000+
npm: 3,597
NuGet: 638
pip: 3,198
Pub: 10
RubyGems: 852
Rust: 809
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
103,649 advisories
CVE-2024-37136 (Moderate, Unreviewed, published Sep 3, 2024): Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal...
CVE-2024-8380 (Moderate, Unreviewed, published Sep 3, 2024): A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been...
CVE-2024-6343 (Moderate, Unreviewed, published Sep 3, 2024): A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4...
CVE-2024-42061 (Moderate, Unreviewed, published Sep 3, 2024): A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of...
CVE-2024-6920 (Moderate, Unreviewed, published Sep 2, 2024): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
CVE-2020-36830 (Moderate, Unreviewed, published Sep 2, 2024): A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This...
CVE-2024-33043 (Moderate, Unreviewed, published Sep 2, 2024): Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2024-33016 (Moderate, Unreviewed, published Sep 2, 2024): memory corruption when an invalid firehose patch command is invoked.
CVE-2024-8365 (Moderate, Unreviewed, published Sep 2, 2024): Vault Community Edition and Vault Enterprise experienced a regression where functionality that...
CVE-2024-38382 (Moderate, Unreviewed, published Sep 2, 2024): in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
CVE-2024-39612 (Moderate, Unreviewed, published Sep 2, 2024): in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
CVE-2024-39775 (Moderate, Unreviewed, published Sep 2, 2024): in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through...
CVE-2024-8370 (Moderate, Unreviewed, published Sep 2, 2024): A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability...
CVE-2024-5053 (Moderate, Unreviewed, published Sep 1, 2024): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin...
CVE-2024-8367 (Moderate, Unreviewed, published Sep 1, 2024): A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to...
CVE-2024-8368 (Moderate, Unreviewed, published Sep 1, 2024): A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as...
CVE-2024-8366 (Moderate, Unreviewed, published Aug 31, 2024): A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified...
CVE-2022-4539 (Moderate, Unreviewed, published Aug 31, 2024): The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in...
CVE-2024-39578 (Moderate, Unreviewed, published Aug 31, 2024): Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink)...
CVE-2022-4536 (Moderate, Unreviewed, published Aug 31, 2024): The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions...
CVE-2024-0110 (Moderate, Unreviewed, published Aug 31, 2024): NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out...
CVE-2024-8276 (Moderate, Unreviewed, published Aug 31, 2024): The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to...
CVE-2024-39579 (Moderate, Unreviewed, published Aug 31, 2024): Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment...
CVE-2022-4100 (Moderate, Unreviewed, published Aug 31, 2024): The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up...
CVE-2024-8108 (Moderate, Unreviewed, published Aug 31, 2024): The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
ProTip! Advisories are also available from the GraphQL API.