GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
852 advisories
Filter by severity
In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows...
Moderate
Unreviewed
CVE-2024-45200
was published
Sep 30, 2024
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9324
was published
Sep 29, 2024
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ...
Moderate
Unreviewed
CVE-2024-37779
was published
Sep 23, 2024
A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected...
Moderate
Unreviewed
CVE-2024-9006
was published
Sep 20, 2024
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7....
Moderate
Unreviewed
CVE-2024-8880
was published
Sep 16, 2024
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code....
Moderate
Unreviewed
CVE-2023-39333
was published
Sep 7, 2024
A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue...
Moderate
Unreviewed
CVE-2024-8523
was published
Sep 7, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc....
Moderate
Unreviewed
CVE-2024-43922
was published
Aug 29, 2024
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
Moderate
Unreviewed
CVE-2024-42598
was published
Aug 20, 2024
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue...
Moderate
Unreviewed
CVE-2024-7899
was published
Aug 17, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table...
Moderate
Unreviewed
CVE-2024-43128
was published
Aug 13, 2024
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability...
Moderate
Unreviewed
CVE-2023-50810
was published
Aug 12, 2024
An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway...
Moderate
Unreviewed
CVE-2024-37382
was published
Aug 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to...
Moderate
Unreviewed
CVE-2024-3958
was published
Aug 8, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
email module didn’t properly...
Moderate
Unreviewed
CVE-2024-6923
was published
Aug 1, 2024
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3...
Moderate
Unreviewed
CVE-2024-41304
was published
Jul 30, 2024
A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Affected...
Moderate
Unreviewed
CVE-2024-6950
was published
Jul 21, 2024
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This...
Moderate
Unreviewed
CVE-2024-6946
was published
Jul 21, 2024
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-6947
was published
Jul 21, 2024
A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools...
Moderate
Unreviewed
CVE-2024-6936
was published
Jul 21, 2024
A vulnerability was found in DedeCMS 5.7.114. It has been classified as critical. This affects an...
Moderate
Unreviewed
CVE-2024-6940
was published
Jul 21, 2024
Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken...
Moderate
Unreviewed
CVE-2024-37405
was published
Jul 12, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40726
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40735
was published
Jul 9, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja...
Moderate
Unreviewed
CVE-2024-37934
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API