GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
25,827 advisories
An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute...
Critical
Unreviewed
CVE-2023-50488 was published Feb 2, 2024
Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component...
Critical
Unreviewed
CVE-2024-24186 was published Feb 7, 2024
An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb...
Critical
Unreviewed
CVE-2024-24024 was published Feb 8, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical
Unreviewed
CVE-2024-24019 was published Feb 7, 2024
Suite CRM version 7.14.2 allows including local php files. This is possible because the...
Critical
Unreviewed
CVE-2024-1644 was published Feb 20, 2024
SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run...
Critical
Unreviewed
CVE-2022-47072 was published Jan 31, 2024
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export...
Critical
Unreviewed
CVE-2023-48792 was published Feb 2, 2024
Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number...
Critical
Unreviewed
CVE-2023-4472 was published Feb 2, 2024
An issue in Fronius Datalogger Web v.2.0.5-4, allows remote attackers to obtain sensitive...
Critical
Unreviewed
CVE-2023-37621 was published Feb 1, 2024
An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation...
Critical
Unreviewed
CVE-2024-0822 was published Jan 25, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com...
Critical
Unreviewed
CVE-2024-24004 was published Feb 7, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com...
Critical
Unreviewed
CVE-2024-24002 was published Feb 7, 2024
Memory corruption in Core while processing control functions.
Critical
Unreviewed
CVE-2023-33072 was published Feb 6, 2024
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based...
Critical
Unreviewed
CVE-2024-0610 was published Feb 17, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915 was published Feb 16, 2024
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute...
Critical
Unreviewed
CVE-2024-23739 was published Jan 28, 2024
An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary...
Critical
Unreviewed
CVE-2024-23740 was published Jan 28, 2024
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-23738 was published Jan 28, 2024
Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is...
Critical
Unreviewed
CVE-2023-49314 was published Nov 28, 2023
An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-50643 was published Jan 9, 2024
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On...
Critical
Unreviewed
CVE-2019-15900 was published May 24, 2022
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new...
Critical
Unreviewed
CVE-2023-49238 was published Jan 9, 2024
MyQ Print Server before 8.2 patch 43 allows Unauthenticated Remote Code Execution.
Critical
Unreviewed
CVE-2024-22076 was published Jan 23, 2024
JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data.
Critical
Unreviewed
CVE-2024-24029 was published Feb 2, 2024
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal...
Critical
Unreviewed
CVE-2024-23479 was published Feb 15, 2024