GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,495 advisories
Filter by severity
A vulnerability classified as critical has been found in code-projects Restaurant Reservation...
Moderate
Unreviewed
CVE-2024-9086
was published
Sep 22, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and...
Moderate
Unreviewed
CVE-2024-40703
was published
Sep 22, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-9082
was published
Sep 22, 2024
A vulnerability classified as problematic was found in code-projects Blood Bank System 1.0. This...
Moderate
Unreviewed
CVE-2024-9084
was published
Sep 22, 2024
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated...
Moderate
Unreviewed
CVE-2024-9085
was published
Sep 22, 2024
A vulnerability classified as problematic has been found in SourceCodester Employee Management...
Moderate
Unreviewed
CVE-2024-9083
was published
Sep 22, 2024
A vulnerability was found in code-projects Student Record System 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2024-9080
was published
Sep 22, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-9081
was published
Sep 22, 2024
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical....
Moderate
Unreviewed
CVE-2024-9079
was published
Sep 22, 2024
A vulnerability has been found in code-projects Student Record System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-9078
was published
Sep 22, 2024
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request...
Unknown
Unreviewed
CVE-2024-47220
was published
Sep 22, 2024
CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.
Unknown
Unreviewed
CVE-2024-47221
was published
Sep 22, 2024
A stored cross-site scripting (XSS) vulnerability exists in NetBox 4.1.0 within the ...
Unknown
Unreviewed
CVE-2024-47226
was published
Sep 22, 2024
A vulnerability classified as problematic has been found in dingfangzu up to...
Moderate
Unreviewed
CVE-2024-9077
was published
Sep 22, 2024
A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-9076
was published
Sep 22, 2024
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.
Unknown
Unreviewed
CVE-2024-47219
was published
Sep 22, 2024
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication.
Unknown
Unreviewed
CVE-2024-47218
was published
Sep 22, 2024
A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as...
Low
Unreviewed
CVE-2024-9075
was published
Sep 22, 2024
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role)...
Unknown
Unreviewed
CVE-2024-47210
was published
Sep 22, 2024
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This...
Unknown
Unreviewed
CVE-2024-42323
was published
Sep 21, 2024
A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic....
Moderate
Unreviewed
CVE-2024-9048
was published
Sep 21, 2024
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8680
was published
Sep 21, 2024
The configuration file stores credentials in cleartext. An attacker with local access rights can...
Moderate
Unreviewed
CVE-2024-6785
was published
Sep 21, 2024
The vulnerability allows an attacker to craft MQTT messages that include relative path traversal...
Moderate
Unreviewed
CVE-2024-6786
was published
Sep 21, 2024
This vulnerability occurs when an attacker exploits a race condition between the time a file is...
Moderate
Unreviewed
CVE-2024-6787
was published
Sep 21, 2024
ProTip!
Advisories are also available from the
GraphQL API