GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

111,620 advisories

The SKT Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to a...
High | Unreviewed | CVE-2024-12848 was published Jan 9, 2025

pgAdmin has Incorrect Default Permissions
High | CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a...
High | Unreviewed | CVE-2024-53705 was published Jan 9, 2025

A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote...
High | Unreviewed | CVE-2024-12806 was published Jan 9, 2025

Path traversal, External Control of File Name or Path vulnerability in Iocharger Home allows...
High | Unreviewed | CVE-2024-43658 was published Jan 9, 2025

The CGI script <redacted>.sh can be used to download any file on the filesystem. This issue...
High | Unreviewed | CVE-2024-43660 was published Jan 9, 2025

The <redacted>.so library, which is used by <redacted>, is vulnerable to a buffer overflow in the...
High | Unreviewed | CVE-2024-43661 was published Jan 9, 2025

After gaining access to the firmware of a charging station, a file at <redacted> can be accessed...
High | Unreviewed | CVE-2024-43659 was published Jan 9, 2025

A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low...
High | Unreviewed | CVE-2024-53706 was published Jan 9, 2025

A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This...
High | Unreviewed | CVE-2024-13206 was published Jan 9, 2025

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This...
High | Unreviewed | CVE-2025-0306 was published Jan 9, 2025

Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a...
High | Unreviewed | CVE-2024-27980 was published Jan 9, 2025

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy...
High | Unreviewed | CVE-2025-0283 was published Jan 9, 2025

Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to...
High | Unreviewed | CVE-2025-0291 was published Jan 8, 2025

SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access...
High | Unreviewed | CVE-2024-54818 was published Jan 8, 2025

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding...
High | Unreviewed | CVE-2024-56784 was published Jan 8, 2025

Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password...
High | Unreviewed | CVE-2025-21111 was published Jan 8, 2025

In the Linux kernel, the following vulnerability has been resolved: kunit: string-stream: Fix a...
High | Unreviewed | CVE-2024-56772 was published Jan 8, 2025

In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic...
High | Unreviewed | CVE-2023-35685 was published Jan 8, 2025

Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary...
High | Unreviewed | CVE-2024-51442 was published Jan 8, 2025

An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5....
High | Unreviewed | CVE-2024-55517 was published Jan 8, 2025

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix...
High | Unreviewed | CVE-2024-56775 was published Jan 8, 2025

The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem &...
High | Unreviewed | CVE-2024-11423 was published Jan 8, 2025

The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-12854 was published Jan 8, 2025

The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-12853 was published Jan 8, 2025

ProTip! Advisories are also available from the GraphQL API.