Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

718 advisories

Loading
Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could... Critical Unreviewed
CVE-2024-34405 was published Jun 11, 2024
Arbitrary Code Execution in TYPO3 CMS Critical
GHSA-67wg-6j7r-mqh8 was published for typo3/cms (Composer) Jun 5, 2024
Jan path traversal vulnerability Critical
CVE-2024-37273 was published for @janhq/core (npm) Jun 4, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks... Critical Unreviewed
CVE-2024-25600 was published Jun 4, 2024
Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark... Critical Unreviewed
CVE-2024-36568 was published Jun 3, 2024
Vanna prompt injection code execution Critical
CVE-2024-5565 was published for vanna (pip) May 31, 2024
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection... Critical Unreviewed
CVE-2024-23692 was published May 31, 2024
Blackprint @blackprint/engine Prototype Pollution issue Critical
CVE-2024-24294 was published for @blackprint/engine (npm) May 20, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify... Critical Unreviewed
CVE-2024-33644 was published May 17, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in MainWP MainWP Code... Critical Unreviewed
CVE-2023-23645 was published May 17, 2024
Shrubbery tac_plus 2.x, 3.x. and 4.x through F4.0.4.28 allows unauthenticated Remote Command... Critical Unreviewed
CVE-2023-48643 was published May 16, 2024
Laravel RCE vulnerability in "cookie" session driver Critical
GHSA-2ffv-r4r9-r8xr was published for illuminate/cookie (Composer) May 15, 2024
Drupal core Remote Code Execution Critical
GHSA-jf8c-36vw-98x4 was published for drupal/drupal (Composer) May 15, 2024
Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution Critical
GHSA-7v68-3pr5-h3cr was published for drupal/core (Composer) May 15, 2024
Drupal core Remote Code Execution Critical
GHSA-6mgp-v5cm-ghg5 was published for drupal/core (Composer) May 15, 2024
An issue was identified in the Identity Security Cloud (ISC) Transform preview and... Critical Unreviewed
CVE-2024-3319 was published May 15, 2024
An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-33294 was published May 6, 2024
CraftBeerPi 4 allows arbitrary code execution Critical
CVE-2024-3955 was published for cbpi4 (pip) May 2, 2024
An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted... Critical Unreviewed
CVE-2024-33445 was published Apr 29, 2024
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da... Critical Unreviewed
CVE-2024-31822 was published Apr 29, 2024
An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0... Critical Unreviewed
CVE-2024-32491 was published Apr 29, 2024
Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a... Critical Unreviewed
CVE-2024-22633 was published Apr 26, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Eli Scheetz Anti... Critical Unreviewed
CVE-2024-22144 was published Apr 25, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced... Critical Unreviewed
CVE-2024-31266 was published Apr 25, 2024
Drupal Core Remote Code Execution Vulnerability Critical
CVE-2018-7602 was published for drupal/core (Composer) Apr 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database