GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,022
Maven: 5,000+
npm: 5,000+
NuGet: 976
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,403
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
30,844 advisories
Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component...
Critical
Unreviewed
CVE-2024-24186 was published Feb 7, 2024
Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter...
Critical
Unreviewed
CVE-2024-24133 was published Feb 7, 2024
SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before...
Critical
Unreviewed
CVE-2023-46914 was published Feb 7, 2024
SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for...
Critical
Unreviewed
CVE-2024-24303 was published Feb 7, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical
Unreviewed
CVE-2024-24019 was published Feb 7, 2024
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker...
Critical
Unreviewed
CVE-2024-1283 was published Feb 7, 2024
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to...
Critical
Unreviewed
CVE-2024-1284 was published Feb 7, 2024
jshERP v3.3 is vulnerable to SQL Injection via the com.jsh.erp.controller.DepotHeadController:...
Critical
Unreviewed
CVE-2024-24001 was published Feb 7, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com...
Critical
Unreviewed
CVE-2024-24002 was published Feb 7, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com...
Critical
Unreviewed
CVE-2024-24004 was published Feb 7, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical
Unreviewed
CVE-2024-24015 was published Feb 6, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical
Unreviewed
CVE-2024-24013 was published Feb 6, 2024
jshERP v3.3 is vulnerable to Arbitrary File Upload. The jshERP-boot/systemConfig/upload interface...
Critical
Unreviewed
CVE-2024-24000 was published Feb 6, 2024
A cross-site request forgery (CSRF) vulnerability in all versions of the api and web server...
Critical
Unreviewed
CVE-2024-24593 was published Feb 6, 2024
Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML...
Critical
Unreviewed
CVE-2024-24592 was published Feb 6, 2024
A cross-site scripting (XSS) vulnerability in all versions of the web server component of Allegro...
Critical
Unreviewed
CVE-2024-24594 was published Feb 6, 2024
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Critical
Unreviewed
CVE-2024-23917 was published Feb 6, 2024
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under...
Critical
Unreviewed
CVE-2024-25140 was published Feb 6, 2024
Memory corruption in Core while processing control functions.
Critical
Unreviewed
CVE-2023-33072 was published Feb 6, 2024
D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the...
Critical
Unreviewed
CVE-2024-22852 was published Feb 6, 2024
D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account...
Critical
Unreviewed
CVE-2024-22853 was published Feb 6, 2024
Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser...
Critical
Unreviewed
CVE-2023-6229 was published Feb 6, 2024
Buffer overflow in the Address Book username process in authentication of Mobile Device Function...
Critical
Unreviewed
CVE-2023-6232 was published Feb 6, 2024
Buffer overflow in CPCA Color LUT Resource Download process of Office Multifunction Printers and...
Critical
Unreviewed
CVE-2023-6234 was published Feb 6, 2024
Buffer overflow in the Address Book password process in authentication of Mobile Device Function...
Critical
Unreviewed
CVE-2023-6230 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API