GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
198 advisories
PTC Creo Elements/Direct License Server exposes a web interface which can be used by...
Critical, Unreviewed. CVE-2024-6071 was published Jun 28, 2024

Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be...
Critical, Unreviewed. CVE-2024-6303 was published Jun 25, 2024

Missing Authorization vulnerability in ThemeFusion Avada. This issue affects Avada: from n/a...
Critical, Unreviewed. CVE-2023-39312 was published Jun 19, 2024

Missing Authorization vulnerability in Bricksforge. This issue affects Bricksforge: from n/a...
Critical, Unreviewed. CVE-2024-31244 was published Jun 9, 2024

Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager...
Critical, Unreviewed. CVE-2024-33565 was published Jun 9, 2024

In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at `packages/backend/src/api/v1...
Critical, Unreviewed. CVE-2024-3761 was published May 20, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
Critical, Unreviewed. CVE-2024-27939 was published May 14, 2024

Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection. This issue...
Critical, Unreviewed. CVE-2024-33566 was published Apr 29, 2024

Missing Authorization vulnerability in Repute Infosystems ARMember. This issue affects ARMember:...
Critical, Unreviewed. CVE-2024-32948 was published Apr 24, 2024

XWiki Platform remote code execution from account through UIExtension parameters
Critical. CVE-2024-31997 was published for org.xwiki.platform:xwiki-platform-uiextension-api (Maven) Apr 10, 2024

Missing Authorization vulnerability in Support Genix. This issue affects Support Genix: from n/a...
Critical, Unreviewed. CVE-2023-49742 was published Apr 18, 2024

H2O local file inclusion vulnerability
Critical. CVE-2023-6038 was published for ai.h2o:h2o-core (Maven) Nov 16, 2023

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary...
Critical, Unreviewed. CVE-2020-36719 was published Jun 7, 2023

Missing Authorization vulnerability in Skymoonlabs MoveTo. This issue affects MoveTo: from n/a...
Critical, Unreviewed. CVE-2024-25912 was published Apr 11, 2024

XWiki Platform remote code execution from account via custom skins support
Critical. CVE-2024-31987 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 10, 2024

XWiki Platform: Remote code execution from edit in multilingual wikis via translations
Critical. CVE-2024-31983 was published for org.xwiki.platform:xwiki-platform-localization-source-wiki (Maven) Apr 10, 2024

XWiki Platform: Privilege escalation (PR) from user registration through PDFClass
Critical. CVE-2024-31981 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 10, 2024

The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to...
Critical, Unreviewed. CVE-2023-5533 was published Oct 20, 2023

Vulnerability of missing authorization in the kernel module. Successful exploitation of this...
Critical, Unreviewed. CVE-2023-41296 was published Sep 25, 2023

There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel...
Critical, Unreviewed. CVE-2023-43135 was published Sep 21, 2023

There is an unauthorized access vulnerability in Netis 360RAC1200 v1.3.4517, which allows...
Critical, Unreviewed. CVE-2023-43134 was published Sep 20, 2023

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods...
Critical, Unreviewed. CVE-2023-0923 was published Sep 15, 2023

An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain...
Critical, Unreviewed. CVE-2023-39073 was published Sep 13, 2023

In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing...
Critical, Unreviewed. CVE-2023-36140 was published Sep 11, 2023

The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data,...
Critical, Unreviewed. CVE-2023-3956 was published Jul 27, 2023

ProTip! Advisories are also available from the GraphQL API.