GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
11,168 advisories
Filter by severity
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8845
was published
Nov 22, 2024
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8843
was published
Nov 22, 2024
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8848
was published
Nov 22, 2024
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8849
was published
Nov 22, 2024
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-8834
was published
Nov 22, 2024
A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0...
Low
Unreviewed
CVE-2024-11619
was published
Nov 22, 2024
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-5512
was published
Nov 22, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions...
Low
Unreviewed
CVE-2024-37046
was published
Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2024-50399
was published
Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2024-50398
was published
Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2024-50400
was published
Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2024-50401
was published
Nov 22, 2024
Apache Answer: Predictable Authorization Token Using UUIDv1
Low
CVE-2024-45719
was published
for
github.com/apache/incubator-answer
(Go)
Nov 22, 2024
Cross Site Scripting vulnerability in Gibbon before v.27.0.01 and fixed in v.28.0.00 allows a...
Low
Unreviewed
CVE-2024-51337
was published
Nov 21, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers
Low
CVE-2024-52796
was published
for
pwpush
(RubyGems)
Nov 20, 2024
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a...
Low
Unreviewed
CVE-2024-10515
was published
Nov 20, 2024
Missing Authorization vulnerability in ThemeIsle Otter - Gutenberg Block allows Exploiting...
Low
Unreviewed
CVE-2024-51671
was published
Nov 19, 2024
Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`
Low
CVE-2024-52587
was published
for
step-security/harden-runner
(GitHub Actions)
Nov 18, 2024
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when...
Low
Unreviewed
CVE-2024-5030
was published
Nov 18, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about...
Low
Unreviewed
CVE-2024-46383
was published
Nov 15, 2024
A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows...
Low
Unreviewed
CVE-2022-1226
was published
Nov 15, 2024
A SQL Injection vulnerability was found in /admin/school_year.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50825
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50826
was published
Nov 14, 2024
A SQL Injection vulnerability was found in /admin/add_subject.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50827
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API