GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
20 advisories
Filter by severity
A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be...
Moderate
Unreviewed
CVE-2024-12123
was published
Dec 4, 2024
Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to...
High
Unreviewed
CVE-2024-7025
was published
Nov 27, 2024
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9123
was published
Sep 25, 2024
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all...
Moderate
Unreviewed
CVE-2024-6010
was published
Sep 7, 2024
External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint...
Moderate
Unreviewed
CVE-2023-38520
was published
Jun 4, 2024
External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar,...
Low
Unreviewed
CVE-2023-24373
was published
Jun 4, 2024
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows...
Critical
Unreviewed
CVE-2024-25153
was published
Mar 13, 2024
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, and 4.6.2 could allow an attacker with specific...
Moderate
Unreviewed
CVE-2023-28512
was published
Mar 3, 2024
Duplicate Advisory: httparty has multipart/form-data request tampering vulnerability
Moderate
GHSA-g47j-3m2m-74qv
was published
for
httparty
(RubyGems)
Jan 4, 2024
•
withdrawn
httparty has multipart/form-data request tampering vulnerability
Moderate
CVE-2024-22049
was published
for
httparty
(RubyGems)
Jan 3, 2023
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1295
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1294
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1293
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1292
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1291
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1290
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160,...
Critical
Unreviewed
CVE-2021-1289
was published
May 24, 2022
An improper control of parameters allows the spoofing of the from fields of the following screens...
Moderate
Unreviewed
CVE-2020-1765
was published
May 24, 2022
External Control of Assumed-Immutable Web Parameter in moodle
Moderate
CVE-2022-30597
was published
for
moodle/moodle
(Composer)
May 19, 2022
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded...
High
Unreviewed
CVE-2021-27770
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API