GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,331
Erlang: 31
GitHub Actions: 21
Go: 2,093
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
122,146 advisories
Under certain circumstances exacqVision Web Services will not enforce secure web communications ...
Moderate
Unreviewed
CVE-2024-32864
was published
Aug 1, 2024
A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0 and...
Moderate
Unreviewed
CVE-2024-7365
was published
Aug 1, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Tracking...
Moderate
Unreviewed
CVE-2024-7363
was published
Aug 1, 2024
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-32863
was published
Aug 1, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Tracking...
Moderate
Unreviewed
CVE-2024-7362
was published
Aug 1, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting
Moderate
CVE-2024-4353
was published
for
concrete5/concrete5
(Composer)
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38772
was published
Aug 1, 2024
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows...
Moderate
Unreviewed
CVE-2024-38791
was published
Aug 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-38768
was published
Aug 1, 2024
casdoor's use of `ssh.InsecureIgnoreHostKey()` disables host key verification
Moderate
CVE-2024-41264
was published
for
github.com/casdoor/casdoor
(Go)
Aug 1, 2024
The Identity Server used by 1E Platform could enable URL redirection to untrusted sites. Note:...
Moderate
Unreviewed
CVE-2024-7211
was published
Aug 1, 2024
A vulnerability classified as problematic has been found in SourceCodester Tracking Monitoring...
Moderate
Unreviewed
CVE-2024-7360
was published
Aug 1, 2024
A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has...
Moderate
Unreviewed
CVE-2024-7359
was published
Aug 1, 2024
A vulnerability classified as critical was found in SourceCodester Tracking Monitoring Management...
Moderate
Unreviewed
CVE-2024-7361
was published
Aug 1, 2024
In parisneo/lollms-webui version v9.8, the lollms_binding_infos is missing the client_id...
Moderate
Unreviewed
CVE-2024-6040
was published
Aug 1, 2024
Mattermost allows remote actor to set arbitrary RemoteId values for synced users
Moderate
CVE-2024-41926
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost did not properly restrict channel creation
Moderate
CVE-2024-39837
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost allows a remote actor to make an arbitrary local channel read-only
Moderate
CVE-2024-41162
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost allows a user on a remote to set their remote username prop to an arbitrary string
Moderate
CVE-2024-39839
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling
Moderate
CVE-2024-39832
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost failed to disallow the modification of local users when syncing users in shared channels
Moderate
CVE-2024-36492
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
Mattermost failed to properly validate synced reactions
Moderate
CVE-2024-29977
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. It has...
Moderate
Unreviewed
CVE-2024-7357
was published
Aug 1, 2024
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly...
Moderate
Unreviewed
CVE-2024-6923
was published
Aug 1, 2024
The Element Pack - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-2455
was published
Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API.