Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117,795 advisories

Loading
A vulnerability classified as critical has been found in Campcodes Online Examination System 1.0.... Moderate Unreviewed
CVE-2024-4912 was published May 15, 2024
An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to... Moderate Unreviewed
CVE-2024-34913 was published May 15, 2024
An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-34906 was published May 15, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a... Moderate Unreviewed
CVE-2024-4950 was published May 15, 2024
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for... Moderate Unreviewed
CVE-2024-27244 was published May 15, 2024
Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct... Moderate Unreviewed
CVE-2024-27243 was published May 15, 2024
An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute... Moderate Unreviewed
CVE-2024-34909 was published May 15, 2024
The key used to encrypt passwords stored in the database can be found in the CyberPower... Moderate Unreviewed
CVE-2024-32042 was published May 15, 2024
Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result... Moderate Unreviewed
CVE-2024-31409 was published May 15, 2024
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and... Moderate Unreviewed
CVE-2024-4908 was published May 15, 2024
A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based... Moderate Unreviewed
CVE-2024-4906 was published May 15, 2024
A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has... Moderate Unreviewed
CVE-2024-4909 was published May 15, 2024
A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and... Moderate Unreviewed
CVE-2024-4907 was published May 15, 2024
Ez Platform and Legacy are prone to an insecure interpretation of PHP/PHAR uploads Moderate
GHSA-pqjm-xcp8-wgmm was published for ezsystems/ezpublish-legacy (Composer) May 15, 2024
eZ Publish Legacy Cross-site Scripting (XSS) in 'disabled module' error template Moderate
GHSA-2vh3-cj9j-mcj5 was published for ezsystems/ezpublish-legacy (Composer) May 15, 2024
eZ Platform Prevent accepting app.php in URL in Platform.sh Moderate
GHSA-qhjc-hg94-245v was published for ezsystems/ezplatform (Composer) May 15, 2024
eZ Platform REST API returns list of all SiteAccesses Moderate
GHSA-9wwx-c723-vm8x was published for ezsystems/ezpublish-kernel (Composer) May 15, 2024
eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud) Moderate
GHSA-6xch-2vxx-5pvr was published for ezsystems/ezplatform (Composer) May 15, 2024
eZ Platform Editor Cross-site Scripting (XSS) Moderate
GHSA-4c2w-v5rq-5mx7 was published for ezsystems/ezplatform-admin-ui-assets (Composer) May 15, 2024
eZ Platform Bundled jQuery affected by CVE-2019-11358 Moderate
GHSA-jrpw-8884-2747 was published for ezsystems/ezplatform-admin-ui-assets (Composer) May 15, 2024
ezsystems/ez-support-tools Failing access control in system info view Moderate
GHSA-xmp3-7745-g4vj was published for ezsystems/ez-support-tools (Composer) May 15, 2024
endroid/qr-code-bundle File Disclosure via logo_path query parameter Moderate
GHSA-mvf6-3f2g-xfxf was published for endroid/qr-code-bundle (Composer) May 15, 2024
Drupal Cross-Site Scripting (XSS) affecting CKEditor Third-party library Moderate
GHSA-qf65-hph9-453r was published for drupal/drupal (Composer) May 15, 2024
Drupal core uses a vulnerable Third-party library CKEditor Moderate
GHSA-337w-fxpq-5m34 was published for drupal/drupal (Composer) May 15, 2024
Drupal core Open Redirect vulnerability Moderate
GHSA-wxfg-253g-m7r4 was published for drupal/drupal (Composer) May 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database