GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,386
Erlang: 33
GitHub Actions: 22
Go: 2,141
Maven: 5,000+
npm: 3,803
NuGet: 687
pip: 3,480
Pub: 12
RubyGems: 897
Rust: 898
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
267,045 advisories
Gophish vulnerable to Denial of Service via crafted payload involving autofocus
High | CVE-2022-45003 was published for github.com/gophish/gophish (Go) | Mar 22, 2023

Phusion Passenger denial of service
Moderate | CVE-2025-26803 was published for passenger (RubyGems) | Feb 24, 2025

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template...
High | Unreviewed | CVE-2024-54954 was published | Feb 10, 2025

The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or...
Critical | Unreviewed | CVE-2023-27569 was published | Mar 21, 2023

An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem...
Critical | Unreviewed | CVE-2023-26497 was published | Mar 22, 2023

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker...
High | Unreviewed | CVE-2022-45636 was published | Mar 21, 2023

Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager...
Critical | Unreviewed | CVE-2024-52052 was published | Nov 22, 2024

TXOne StellarOne has an improper access control privilege escalation vulnerability in every...
High | Unreviewed | CVE-2023-25069 was published | Mar 22, 2023

Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability.
Moderate | Unreviewed | CVE-2023-24278 was published | Mar 18, 2023

An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the...
High | Unreviewed | CVE-2023-27784 was published | Mar 16, 2023

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute...
High | Unreviewed | CVE-2023-27707 was published | Mar 16, 2023

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute...
Moderate | Unreviewed | CVE-2023-27711 was published | Mar 16, 2023

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute...
High | Unreviewed | CVE-2023-27709 was published | Mar 16, 2023

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers...
Critical | Unreviewed | CVE-2023-28617 was published | Mar 19, 2023

An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service...
High | Unreviewed | CVE-2023-27785 was published | Mar 16, 2023

SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct...
Unknown | Unreviewed | CVE-2024-50685 was published | Feb 26, 2025

There is a SQL injection issue in Esri ArcGIS Monitor versions 2023.0 through 2024.x on Windows...
Moderate | Unreviewed | CVE-2025-1726 was published | Feb 26, 2025

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware...
Unknown | Unreviewed | CVE-2024-50696 was published | Feb 26, 2025

SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate...
Unknown | Unreviewed | CVE-2024-50691 was published | Feb 26, 2025

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct...
Unknown | Unreviewed | CVE-2024-50693 was published | Feb 26, 2025

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct...
Unknown | Unreviewed | CVE-2024-50686 was published | Feb 26, 2025

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct...
Unknown | Unreviewed | CVE-2024-50687 was published | Feb 26, 2025

SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct...
Unknown | Unreviewed | CVE-2024-50689 was published | Feb 26, 2025

SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt...
Unknown | Unreviewed | CVE-2024-50684 was published | Feb 26, 2025

A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker...
Unknown | Unreviewed | CVE-2024-57423 was published | Feb 26, 2025

ProTip! Advisories are also available from the GraphQL API