GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,184
Composer 5,320
Erlang 42
GitHub Actions 43
Go 3,164
Maven 6,299
npm 5,149
NuGet 863
pip 4,458
Pub 12
RubyGems 991
Rust 1,184
Swift 50

Unreviewed advisories

All unreviewed 293,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

293,413 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

As a manager, you should not be able to modify a series of settings. In the UI this is indeed... High Unreviewed

CVE-2024-0439 was published Feb 26, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce... Moderate Unreviewed

CVE-2024-1436 was published Feb 26, 2024

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack... High Unreviewed

CVE-2024-1847 was published Feb 28, 2024

Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication... Critical Unreviewed

CVE-2024-20738 was published Feb 15, 2024

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-0382 was published Feb 6, 2024

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-0255 was published Feb 6, 2024

During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the... Low Unreviewed

CVE-2024-1633 was published Feb 19, 2024

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-1073 was published Feb 2, 2024

Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R.... High Unreviewed

CVE-2024-1889 was published Feb 26, 2024

The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2023-7069 was published Feb 1, 2024

The WP Recipe Maker plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed

CVE-2024-0380 was published Feb 6, 2024

IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an... High Unreviewed

CVE-2022-41738 was published Feb 17, 2024

The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2023-7225 was published Jan 30, 2024

A directory traversal vulnerability exists in the F5OS QKView utility that allows an... Moderate Unreviewed

CVE-2024-23607 was published Feb 14, 2024

Unrestricted File Upload vulnerability in Content Manager feature in Gambio 4.9.2.0 allows... High Unreviewed

CVE-2024-23762 was published Feb 13, 2024

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication... Moderate Unreviewed

CVE-2023-38372 was published Feb 29, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader... High Unreviewed

CVE-2024-24714 was published Feb 26, 2024

The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Recipe... Moderate Unreviewed

CVE-2024-0384 was published Feb 6, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores... Moderate Unreviewed

CVE-2024-21869 was published Feb 2, 2024

When LDAP remote authentication is configured on F5OS, a remote user without an assigned role... Moderate Unreviewed

CVE-2024-24966 was published Feb 14, 2024

IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10... Moderate Unreviewed

CVE-2023-50951 was published Feb 17, 2024

SQL Injection vulnerability in HiPresta "Gift Wrapping Pro" (hiadvancedgiftwrapping) module for... Critical Unreviewed

CVE-2024-24303 was published Feb 7, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows... High Unreviewed

CVE-2024-21752 was published Feb 29, 2024

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of... Moderate Unreviewed

CVE-2024-22332 was published Feb 9, 2024

Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa.This issue affects... Moderate Unreviewed

CVE-2024-27948 was published Feb 28, 2024

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

293,413 advisories