GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
103,281 advisories

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53817 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53808 was published Dec 6, 2024

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly...
High | Unreviewed | CVE-2024-53805 was published Dec 6, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request...
High | Unreviewed | CVE-2024-54205 was published Dec 6, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-53821 was published Dec 6, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-54208 was published Dec 6, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-53812 was published Dec 6, 2024

Lua apps can be deployed, removed, started, reloaded or stopped without authorization via...
High | Unreviewed | CVE-2024-10776 was published Dec 6, 2024

Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent....
High | Unreviewed | CVE-2024-21571 was published Dec 6, 2024

Due to missing input validation during one step of the firmware update process, the product is...
High | Unreviewed | CVE-2024-10771 was published Dec 6, 2024

Since the firmware update is not validated, an attacker can install modified firmware on the...
High | Unreviewed | CVE-2024-10772 was published Dec 6, 2024

The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all...
High | Unreviewed | CVE-2024-10516 was published Dec 6, 2024

Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of...
High | Unreviewed | CVE-2024-10774 was published Dec 6, 2024

The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
High | Unreviewed | CVE-2024-11289 was published Dec 6, 2024

The Verowa Connect plugin for WordPress is vulnerable to SQL Injection via the 'search_string'...
High | Unreviewed | CVE-2024-11460 was published Dec 6, 2024

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-11728 was published Dec 6, 2024

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename...
High | Unreviewed | CVE-2024-53142 was published Dec 6, 2024

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add...
High | Unreviewed | CVE-2024-53141 was published Dec 6, 2024

The AI Quiz | Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data...
High | Unreviewed | CVE-2024-11323 was published Dec 6, 2024

The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High | Unreviewed | CVE-2024-11178 was published Dec 6, 2024

The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents...
High | Unreviewed | CVE-2024-11585 was published Dec 6, 2024

The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
High | Unreviewed | CVE-2024-10578 was published Dec 6, 2024

The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-10247 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain...
High | Unreviewed | CVE-2024-38910 was published Dec 6, 2024

Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2...
High | Unreviewed | CVE-2024-37862 was published Dec 6, 2024

ProTip! Advisories are also available from the GraphQL API.