GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
31,885 advisories
Filter by severity
VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A...
Critical
Unreviewed
CVE-2024-22267
was published
May 14, 2024
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP...
Critical
Unreviewed
CVE-2024-4824
was published
May 14, 2024
Cockpit CMS contains an arbitrary file upload vulenrability
Critical
CVE-2024-4825
was published
for
cockpit-hq/cockpit
(Composer)
May 14, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL...
Critical
Unreviewed
CVE-2024-4434
was published
May 14, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads...
Critical
Unreviewed
CVE-2024-4560
was published
May 14, 2024
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who...
Critical
Unreviewed
CVE-2024-4671
was published
May 14, 2024
The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions...
Critical
Unreviewed
CVE-2024-4413
was published
May 14, 2024
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and...
Critical
Unreviewed
CVE-2024-3263
was published
May 14, 2024
The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
Critical
Unreviewed
CVE-2024-3806
was published
May 14, 2024
NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker...
Critical
Unreviewed
CVE-2024-3016
was published
May 14, 2024
The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in...
Critical
Unreviewed
CVE-2024-3070
was published
May 14, 2024
TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password...
Critical
Unreviewed
CVE-2024-35099
was published
May 14, 2024
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow...
Critical
Unreviewed
CVE-2024-34943
was published
May 14, 2024
SurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an...
Critical
Unreviewed
CVE-2024-35049
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This...
Critical
Unreviewed
CVE-2024-34555
was published
May 14, 2024
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow...
Critical
Unreviewed
CVE-2024-34945
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT...
Critical
Unreviewed
CVE-2024-34440
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Thomas Scholl canvasio3D Light...
Critical
Unreviewed
CVE-2024-34411
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue...
Critical
Unreviewed
CVE-2024-34416
was published
May 14, 2024
Apache Karaf Cave: Cave SSRF and arbitrary file access
Critical
CVE-2024-34365
was published
for
org.apache.karaf:cave
(Maven)
May 14, 2024
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow...
Critical
Unreviewed
CVE-2024-34213
was published
May 14, 2024
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow...
Critical
Unreviewed
CVE-2024-34209
was published
May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2024-34204
was published
May 14, 2024
SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester...
Critical
Unreviewed
CVE-2024-34226
was published
May 14, 2024
HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.
Critical
Unreviewed
CVE-2024-33874
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API