Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,583 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized... High Unreviewed
CVE-2024-53155 was published Dec 24, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check... High Unreviewed
CVE-2024-53156 was published Dec 24, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix... High Unreviewed
CVE-2024-53162 was published Dec 24, 2024
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is... High Unreviewed
CVE-2024-12881 was published Dec 24, 2024
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of... High Unreviewed
CVE-2024-53150 was published Dec 24, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of... High Unreviewed
CVE-2024-47515 was published Dec 24, 2024
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url ,... High Unreviewed
CVE-2024-12594 was published Dec 24, 2024
A flaw was found in the skupper console, a read-only interface that renders cluster network,... High Unreviewed
CVE-2024-12582 was published Dec 24, 2024
ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a... High Unreviewed
CVE-2024-53961 was published Dec 23, 2024
Gogs allows argument Injection when tagging new releases High
CVE-2024-39933 was published for gogs.io/gogs (Go) Dec 23, 2024
swapgs
Navidrome Stores JWT Secret in Plaintext in navidrome.db High
CVE-2024-56362 was published for github.com/navidrome/navidrome (Go) Dec 23, 2024
saisathvik1
Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails High
CVE-2024-23945 was published for org.apache.hive:hive-service (Maven) Dec 23, 2024
SQL injection in Apache Traffic Control High
CVE-2024-45387 was published for github.com/apache/trafficcontrol/v8 (Go) Dec 23, 2024
Path Traversal in file update API in gogs High
CVE-2024-55947 was published for gogs.io/gogs (Go) Dec 23, 2024
ManassehZhou
Remote Command Execution in file editing in gogs High
CVE-2024-54148 was published for gogs.io/gogs (Go) Dec 23, 2024
ManassehZhou
Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A... High Unreviewed
CVE-2024-12903 was published Dec 23, 2024
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine.... High Unreviewed
CVE-2024-12902 was published Dec 23, 2024
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection... High Unreviewed
CVE-2024-45721 was published Dec 23, 2024
home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the... High Unreviewed
CVE-2024-54082 was published Dec 23, 2024
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI... High Unreviewed
CVE-2024-56375 was published Dec 23, 2024
REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a... High Unreviewed
CVE-2024-56310 was published Dec 22, 2024
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users... High Unreviewed
CVE-2024-56311 was published Dec 22, 2024
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2024-12771 was published Dec 21, 2024
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12721 was published Dec 21, 2024
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-12066 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database