GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,941
Erlang: 29
GitHub Actions: 16
Go: 1,722
Maven: 4,952
npm: 3,481
NuGet: 605
pip: 3,049
Pub: 10
RubyGems: 832
Rust: 778
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
10,565 advisories
A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session...
Low | Unreviewed | CVE-2024-4680 was published Jun 8, 2024

A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue...
Low | Unreviewed | CVE-2024-5766 was published Jun 8, 2024

Symlink bypasses filesystem sandbox
Low | GHSA-55f3-3qvg-8pv5 was published for wasmer (Rust) | Jun 7, 2024

A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both...
Low | Unreviewed | CVE-2024-3166 was published Jun 6, 2024

Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low | Unreviewed | CVE-2024-5307 was published Jun 6, 2024

evmos allows transferring unvested tokens after delegations
Low | CVE-2024-32873 was published for github.com/evmos/evmos/v10 (Go) | Jun 6, 2024

s2n-tls has a potentially observable differences in RSA premaster secret handling
Low | GHSA-52xf-5p2m-9wrv was published for s2n-tls (Rust) | Jun 6, 2024

Password hash exposed in CraftCMS two factor authentication plugin
Low | CVE-2024-5657 was published for born05/craft-twofactorauthentication (Composer) | Jun 6, 2024

An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820,...
Low | Unreviewed | CVE-2023-50804 was published Jun 5, 2024

An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820,...
Low | Unreviewed | CVE-2023-50803 was published Jun 5, 2024

Typo3 Information Disclosure in Page Tree
Low | GHSA-h934-f4m4-wc8x was published for typo3/cms (Composer) | Jun 5, 2024

Information Disclosure in TYPO3 CMS
Low | GHSA-c7p6-3c9c-f88q was published for typo3/cms (Composer) | Jun 5, 2024

Arbitrary JavaScript execution due to using outdated libraries
Low | GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) | Jun 5, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP...
Low | Unreviewed | CVE-2023-52147 was published Jun 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login...
Low | Unreviewed | CVE-2023-48335 was published Jun 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Vongries...
Low | Unreviewed | CVE-2023-49822 was published Jun 4, 2024

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode...
Low | Unreviewed | CVE-2023-49741 was published Jun 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur,...
Low | Unreviewed | CVE-2023-49748 was published Jun 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in LWS LWS Hide Login...
Low | Unreviewed | CVE-2023-47818 was published Jun 4, 2024

Authentication Bypass by Spoofing vulnerability in WP Maintenance allows Accessing Functionality...
Low | Unreviewed | CVE-2023-47769 was published Jun 4, 2024

Missing Authorization vulnerability in Event Espresso Event Espresso 4 Decaf allows Functionality...
Low | Unreviewed | CVE-2023-27437 was published Jun 4, 2024

External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar,...
Low | Unreviewed | CVE-2023-24373 was published Jun 4, 2024
ProTip! Advisories are also available from the GraphQL API