GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
94,038 advisories
Filter by severity
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component...
High
Unreviewed
CVE-2024-35365
was published
Jan 3, 2025
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-48814
was published
Jan 3, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high...
High
Unreviewed
CVE-2024-9138
was published
Jan 3, 2025
A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows
unauthenticated...
High
Unreviewed
CVE-2024-9950
was published
Jan 2, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
High
Unreviewed
CVE-2024-55543
was published
Jan 2, 2025
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-48758
was published
Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro allows Authentication...
High
Unreviewed
CVE-2024-39623
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56014
was published
Jan 2, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-56250
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56267
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56018
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56025
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56024
was published
Jan 2, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-56247
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56023
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56026
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56022
was published
Jan 2, 2025
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 allows...
High
Unreviewed
CVE-2023-47693
was published
Jan 2, 2025
Missing Authorization vulnerability in spider-themes EazyDocs allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-47648
was published
Jan 2, 2025
Missing Authorization vulnerability in David Cramer My Shortcodes allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-46632
was published
Jan 2, 2025
Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-47224
was published
Jan 2, 2025
Missing Authorization vulnerability in ByConsole WooODT Lite allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-47179
was published
Jan 2, 2025
Missing Authorization vulnerability in WPDeveloper BetterLinks allows Exploiting Incorrectly...
High
Unreviewed
CVE-2023-45104
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56069
was published
Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56034
was published
Jan 2, 2025
ProTip!
Advisories are also available from the
GraphQL API