GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,355 advisories

Filter by severity

Sort by

Least recently updated

A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID... Critical Unreviewed

CVE-2024-53604 was published Nov 27, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows... High Unreviewed

CVE-2024-11620 was published Nov 28, 2024

The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is... Critical Unreviewed

CVE-2024-8672 was published Nov 28, 2024

An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard... Critical Unreviewed

CVE-2024-51367 was published Nov 21, 2024

When handling keypress events, an attacker may have been able to trick a user into bypassing the ... High Unreviewed

CVE-2024-11697 was published Nov 26, 2024

An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute... Moderate Unreviewed

CVE-2024-51330 was published Nov 15, 2024

An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP... Critical Unreviewed

CVE-2024-44758 was published Nov 15, 2024

Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI). High Unreviewed

CVE-2023-33570 was published Jun 28, 2023

Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed

CVE-2024-11699 was published Nov 26, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed

CVE-2024-52959 was published Nov 27, 2024

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite... High Unreviewed

CVE-2023-33466 was published Jun 29, 2023

A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of... High Unreviewed

CVE-2024-53554 was published Nov 26, 2024

H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm... Critical Unreviewed

CVE-2024-52765 was published Nov 20, 2024

The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed

CVE-2024-11002 was published Nov 26, 2024

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject... High Unreviewed

CVE-2024-52899 was published Nov 26, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed

CVE-2024-28811 was published Sep 30, 2024

Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in... High Unreviewed

CVE-2024-6507 was published Jul 4, 2024

The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form... High Unreviewed

CVE-2024-11034 was published Nov 23, 2024

Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3... High Unreviewed

CVE-2021-38117 was published Nov 22, 2024

There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed

CVE-2024-10382 was published Nov 20, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed

CVE-2024-52434 was published Nov 18, 2024

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed

CVE-2024-10094 was published Nov 20, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed

CVE-2024-52427 was published Nov 18, 2024

The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-10899 was published Nov 20, 2024

PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of... Critical Unreviewed

CVE-2024-50636 was published Nov 12, 2024

Previous 1 2 3 4 5 … 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,355 advisories