GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,352

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

837 advisories

Filter by severity

Sort by

Least recently updated

There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote... Moderate Unreviewed

CVE-2024-25706 was published Apr 4, 2024

Vulnerability of improper access control in the home screen widget module Impact: Successful... Moderate Unreviewed

CVE-2024-56448 was published Jan 8, 2025

A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic.... Moderate Unreviewed

CVE-2025-0295 was published Jan 7, 2025

The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is... Moderate Unreviewed

CVE-2024-12419 was published Jan 7, 2025

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed

CVE-2023-6601 was published Jan 6, 2025

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed

CVE-2023-6604 was published Jan 6, 2025

The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is... Moderate Unreviewed

CVE-2024-12238 was published Dec 29, 2024

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26)... Moderate Unreviewed

CVE-2024-12908 was published Dec 26, 2024

An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an... Moderate Unreviewed

CVE-2024-55918 was published Dec 13, 2024

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed

CVE-2024-37773 was published Dec 17, 2024

The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2024-11012 was published Dec 13, 2024

The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12420 was published Dec 13, 2024

The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-12421 was published Dec 13, 2024

The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed

CVE-2024-12417 was published Dec 13, 2024

The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed

CVE-2024-12333 was published Dec 12, 2024

A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed

CVE-2024-12350 was published Dec 9, 2024

Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,... Moderate Unreviewed

CVE-2024-28005 was published Mar 28, 2024

The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed

CVE-2024-10909 was published Dec 6, 2024

The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed

CVE-2024-10681 was published Dec 6, 2024

QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers... Moderate Unreviewed

CVE-2024-39165 was published Jul 4, 2024

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute... Moderate Unreviewed

CVE-2024-51330 was published Nov 15, 2024

The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed

CVE-2024-11002 was published Nov 26, 2024

The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-10262 was published Nov 16, 2024

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique... Moderate Unreviewed

CVE-2022-21928 was published Jan 12, 2022

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed

CVE-2024-8069 was published Nov 12, 2024

Previous 1 2 3 4 5 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

837 advisories