GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,344
Erlang: 31
GitHub Actions: 22
Go: 2,109
Maven: 5,000+
npm: 3,765
NuGet: 680
pip: 3,453
Pub: 12
RubyGems: 892
Rust: 887
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
113,801 advisories
An Improper Validation of signature in Zscaler Client Connector on Windows allows an...
Moderate | Unreviewed | CVE-2023-28806 was published Aug 6, 2024

The Zscaler Updater process does not validate the digital signature of the installer before...
Moderate | Unreviewed | CVE-2024-23460 was published Aug 6, 2024

A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0...
Moderate | Unreviewed | CVE-2024-41333 was published Aug 6, 2024

Long pressing on a download link could potentially provide a means for cross-site scripting This...
Moderate | Unreviewed | CVE-2024-43112 was published Aug 6, 2024

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager...
Moderate | Unreviewed | CVE-2024-41911 was published Aug 6, 2024

A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2024-7552 was published Aug 6, 2024

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager...
Moderate | Unreviewed | CVE-2024-41910 was published Aug 6, 2024

ID4Portais in version < V.2022.837.002a returns message parameter unsanitized in the response,...
Moderate | Unreviewed | CVE-2023-40819 was published Aug 6, 2024

Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can...
Moderate | Unreviewed | CVE-2024-7531 was published Aug 6, 2024

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-7551 was published Aug 6, 2024

K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of...
Moderate | Unreviewed | CVE-2024-36424 was published Aug 6, 2024

Select options could obscure the fullscreen notification dialog. This could be used by a...
Moderate | Unreviewed | CVE-2024-7518 was published Aug 6, 2024

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced...
Moderate | Unreviewed | CVE-2024-7524 was published Aug 6, 2024

Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence.
Moderate | Unreviewed | CVE-2024-6357 was published Aug 6, 2024

Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
Moderate | Unreviewed | CVE-2024-6359 was published Aug 6, 2024

Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence.
Moderate | Unreviewed | CVE-2024-6358 was published Aug 6, 2024

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table...
Moderate | Unreviewed | CVE-2024-7246 was published Aug 6, 2024

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager...
Moderate | Unreviewed | CVE-2024-7317 was published Aug 6, 2024

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects...
Moderate | Unreviewed | CVE-2024-7055 was published Aug 6, 2024

The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter...
Moderate | Unreviewed | CVE-2024-6651 was published Aug 6, 2024

HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the...
Moderate | Unreviewed | CVE-2024-6201 was published Aug 6, 2024

The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does not validate and escape some of...
Moderate | Unreviewed | CVE-2024-6766 was published Aug 6, 2024

The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2024-7082 was published Aug 6, 2024

The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise and escape some parameters,...
Moderate | Unreviewed | CVE-2024-7084 was published Aug 6, 2024

The WPBakery Visual Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5708 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API.