GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,748
Erlang: 35
GitHub Actions: 29
Go: 2,321
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 921
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
25,817 advisories
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com...
Critical · Unreviewed · CVE-2024-24002 was published Feb 7, 2024
Memory corruption in Core while processing control functions.
Critical · Unreviewed · CVE-2023-33072 was published Feb 6, 2024
The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based...
Critical · Unreviewed · CVE-2024-0610 was published Feb 17, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical · Unreviewed · CVE-2024-21915 was published Feb 16, 2024
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute...
Critical · Unreviewed · CVE-2024-23739 was published Jan 28, 2024
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute...
Critical · Unreviewed · CVE-2024-23738 was published Jan 28, 2024
An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary...
Critical · Unreviewed · CVE-2024-23740 was published Jan 28, 2024
An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary...
Critical · Unreviewed · CVE-2023-50643 was published Jan 9, 2024
Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is...
Critical · Unreviewed · CVE-2023-49314 was published Nov 28, 2023
An issue was discovered in slicer69 doas before 6.2 on certain platforms other than OpenBSD. On...
Critical · Unreviewed · CVE-2019-15900 was published May 24, 2022
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new...
Critical · Unreviewed · CVE-2023-49238 was published Jan 9, 2024
MyQ Print Server before 8.2 patch 43 allows Unauthenticated Remote Code Execution.
Critical · Unreviewed · CVE-2024-22076 was published Jan 23, 2024
JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data.
Critical · Unreviewed · CVE-2024-24029 was published Feb 2, 2024
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal...
Critical · Unreviewed · CVE-2024-23476 was published Feb 15, 2024
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution...
Critical · Unreviewed · CVE-2023-40057 was published Feb 15, 2024
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal...
Critical · Unreviewed · CVE-2024-23479 was published Feb 15, 2024
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x...
Critical · Unreviewed · CVE-2022-30310 was published Jun 14, 2022
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2023-5155 was published Feb 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2023-7081 was published Feb 15, 2024
File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute...
Critical · Unreviewed · CVE-2024-24393 was published Feb 9, 2024
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can...
Critical · Unreviewed · CVE-2024-22836 was published Feb 8, 2024
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to...
Critical · Unreviewed · CVE-2023-38646 was published Jul 21, 2023
DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 allows remote attackers to...
Critical · Unreviewed · CVE-2023-45887 was published Dec 20, 2023
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7...
Critical · Unreviewed · CVE-2024-23113 was published Feb 15, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical · Unreviewed · CVE-2024-20738 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API.