Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,587 advisories

Loading
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users... High Unreviewed
CVE-2024-56311 was published Dec 22, 2024
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2024-12771 was published Dec 21, 2024
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-12721 was published Dec 21, 2024
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-12066 was published Dec 21, 2024
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-11977 was published Dec 21, 2024
The AirVantage platform is vulnerable to an unauthorized attacker registering previously... High Unreviewed
CVE-2023-31279 was published Dec 21, 2024
A command injection is possible through the user interface, allowing arbitrary command execution... High Unreviewed
CVE-2020-13712 was published Dec 21, 2024
Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows... High Unreviewed
CVE-2024-37758 was published Dec 20, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID) High
CVE-2024-56334 was published for systeminformation (npm) Dec 20, 2024
xAiluros
Oqtane Framework Incorrect Access Control vulnerability High
CVE-2024-55470 was published for Oqtane.Framework (NuGet) Dec 20, 2024
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting... High Unreviewed
CVE-2024-10385 was published Dec 20, 2024
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability High
CVE-2024-56337 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Dec 20, 2024
greengeko
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed
CVE-2024-12677 was published Dec 20, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable... High Unreviewed
CVE-2024-40695 was published Dec 20, 2024
Socialstream has a Potential Account Takeover Vulnerability in Social Account Linking Due to Missing User Consent After OAuth Callback High
CVE-2024-56329 was published for joelbutcher/socialstream (Composer) Dec 20, 2024
carlosmintfan
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2024-44211 was published Dec 20, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44231 was published Dec 20, 2024
This issue was addressed with improved validation of the process entitlement and Team ID. This... High Unreviewed
CVE-2023-42867 was published Dec 20, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1.... High Unreviewed
CVE-2024-44195 was published Dec 20, 2024
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed
CVE-2022-32144 was published Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-34159 was published Dec 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful... High Unreviewed
CVE-2022-32204 was published Dec 20, 2024
Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This... High Unreviewed
CVE-2024-12832 was published Dec 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database