GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the...
High
Unreviewed
CVE-2024-50358
was published
Nov 26, 2024
Flowise OverrideConfig security vulnerability
High
GHSA-5cph-wvm9-45gj
was published
for
flowise
(npm)
Nov 21, 2024
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database...
High
Unreviewed
CVE-2024-10979
was published
Nov 14, 2024
github.com/gitpod-io/gitpod vulnerable to Cookie Tossing
Moderate
CVE-2024-21583
was published
for
github.com/gitpod-io/gitpod
(Go)
Jul 19, 2024
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute...
Critical
Unreviewed
CVE-2024-4326
was published
May 16, 2024
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender...
High
Unreviewed
CVE-2023-6154
was published
Apr 1, 2024
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process...
High
Unreviewed
CVE-2024-1488
was published
Feb 15, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack
Moderate
CVE-2024-23639
was published
for
io.micronaut:micronaut-http-server
(Maven)
Feb 9, 2024
Unauthorized startup vulnerability of background apps. Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-46764
was published
Nov 8, 2023
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed,...
Moderate
Unreviewed
CVE-2023-43323
was published
Sep 28, 2023
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior...
High
Unreviewed
CVE-2023-4704
was published
Sep 1, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3321
was published
Jul 24, 2023
Versions 00.07.00 through 00.07.03.4 of Teltonika’s RUT router firmware contain a packet dump...
High
Unreviewed
CVE-2023-32349
was published
Jul 6, 2023
in-toto vulnerable to Configuration Read From Local Directory
Moderate
CVE-2023-32076
was published
for
in-toto
(pip)
May 11, 2023
Some API functions allow interaction with the registry, which includes reading values as well as...
Critical
Unreviewed
CVE-2021-38453
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API