GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,164
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,458
Pub
12
RubyGems
991
Rust
1,184
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293,413 advisories
As a manager, you should not be able to modify a series of settings. In the UI this is indeed...
High
Unreviewed
CVE-2024-0439
was published
Feb 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce...
Moderate
Unreviewed
CVE-2024-1436
was published
Feb 26, 2024
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack...
High
Unreviewed
CVE-2024-1847
was published
Feb 28, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical
Unreviewed
CVE-2024-20738
was published
Feb 15, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-0382
was published
Feb 6, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-0255
was published
Feb 6, 2024
During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the...
Low
Unreviewed
CVE-2024-1633
was published
Feb 19, 2024
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-1073
was published
Feb 2, 2024
Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R....
High
Unreviewed
CVE-2024-1889
was published
Feb 26, 2024
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2023-7069
was published
Feb 1, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up...
Moderate
Unreviewed
CVE-2024-0380
was published
Feb 6, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow an...
High
Unreviewed
CVE-2022-41738
was published
Feb 17, 2024
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2023-7225
was published
Jan 30, 2024
A directory traversal vulnerability exists in the F5OS QKView utility that allows an...
Moderate
Unreviewed
CVE-2024-23607
was published
Feb 14, 2024
Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows...
High
Unreviewed
CVE-2024-23762
was published
Feb 13, 2024
An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication...
Moderate
Unreviewed
CVE-2023-38372
was published
Feb 29, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader...
High
Unreviewed
CVE-2024-24714
was published
Feb 26, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe...
Moderate
Unreviewed
CVE-2024-0384
was published
Feb 6, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores...
Moderate
Unreviewed
CVE-2024-21869
was published
Feb 2, 2024
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role...
Moderate
Unreviewed
CVE-2024-24966
was published
Feb 14, 2024
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10...
Moderate
Unreviewed
CVE-2023-50951
was published
Feb 17, 2024
SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for...
Critical
Unreviewed
CVE-2024-24303
was published
Feb 7, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows...
High
Unreviewed
CVE-2024-21752
was published
Feb 29, 2024
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of...
Moderate
Unreviewed
CVE-2024-22332
was published
Feb 9, 2024
Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa. This issue affects...
Moderate
Unreviewed
CVE-2024-27948
was published
Feb 28, 2024
ProTip! Advisories are also available from the GraphQL API.