Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,286
Erlang
31
GitHub Actions
21
Go
2,058
Maven
5,000+
npm
3,742
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

24,084 advisories

Loading
Angular Expressions - Remote Code Execution when using locals Critical
CVE-2024-54152 was published for angular-expressions (npm) Dec 10, 2024
JorianWoltjer
Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C,... Critical Unreviewed
CVE-2024-5660 was published Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54751 was published Dec 10, 2024
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack... Critical Unreviewed
CVE-2024-37143 was published Dec 10, 2024
Adobe Document Service allows an attacker with administrator privileges to send a crafted request... Critical Unreviewed
CVE-2024-47578 was published Dec 10, 2024
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account... Critical Unreviewed
CVE-2024-53552 was published Dec 10, 2024
A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1... Critical Unreviewed
CVE-2024-54924 was published Dec 9, 2024
A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning... Critical Unreviewed
CVE-2024-54923 was published Dec 9, 2024
A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1... Critical Unreviewed
CVE-2024-54931 was published Dec 9, 2024
A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0,... Critical Unreviewed
CVE-2024-54921 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... Critical Unreviewed
CVE-2024-54932 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class... Critical Unreviewed
CVE-2024-54934 was published Dec 9, 2024
A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System... Critical Unreviewed
CVE-2024-54925 was published Dec 9, 2024
Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a... Critical Unreviewed
CVE-2024-48956 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to Remote Code Execution via File... Critical Unreviewed
CVE-2024-54918 was published Dec 9, 2024
SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in product_title... Critical Unreviewed
CVE-2022-38947 was published Dec 9, 2024
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. Critical Unreviewed
CVE-2024-40583 was published Dec 9, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed
CVE-2022-38946 was published Dec 9, 2024
A SQL Injection vulnerability was found in the /teacher_signup.php of kashipara E-learning... Critical Unreviewed
CVE-2024-54920 was published Dec 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium... Critical Unreviewed
CVE-2024-53822 was published Dec 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54215 was published Dec 9, 2024
Missing Authorization vulnerability in Envato Security Team Sweet Date.This issue affects Sweet... Critical Unreviewed
CVE-2024-43222 was published Dec 9, 2024
Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting... Critical Unreviewed
CVE-2023-32117 was published Dec 9, 2024
The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. Critical Unreviewed
CVE-2024-55564 was published Dec 9, 2024
MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and... Critical Unreviewed
CVE-2024-55560 was published Dec 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database