GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,355 advisories
Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows...
High
Unreviewed
CVE-2024-11620
was published
Nov 28, 2024
The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is...
Critical
Unreviewed
CVE-2024-8672
was published
Nov 28, 2024
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID...
Critical
Unreviewed
CVE-2024-53604
was published
Nov 27, 2024
An Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in...
Critical
Unreviewed
CVE-2024-52959
was published
Nov 27, 2024
When handling keypress events, an attacker may have been able to trick a user into bypassing the ...
High
Unreviewed
CVE-2024-11697
was published
Nov 26, 2024
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of...
High
Unreviewed
CVE-2024-11699
was published
Nov 26, 2024
The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via...
Moderate
Unreviewed
CVE-2024-11002
was published
Nov 26, 2024
IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject...
High
Unreviewed
CVE-2024-52899
was published
Nov 26, 2024
A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of...
High
Unreviewed
CVE-2024-53554
was published
Nov 26, 2024
The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form...
High
Unreviewed
CVE-2024-11034
was published
Nov 23, 2024
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3...
High
Unreviewed
CVE-2021-38117
was published
Nov 22, 2024
An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard...
Critical
Unreviewed
CVE-2024-51367
was published
Nov 21, 2024
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm...
Critical
Unreviewed
CVE-2024-52765
was published
Nov 20, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of...
Critical
Unreviewed
CVE-2024-10094
was published
Nov 20, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the...
High
Unreviewed
CVE-2024-10382
was published
Nov 20, 2024
The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2024-10899
was published
Nov 20, 2024
The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in...
High
Unreviewed
CVE-2024-11036
was published
Nov 19, 2024
The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7...
High
Unreviewed
CVE-2024-11038
was published
Nov 19, 2024
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a...
High
Unreviewed
CVE-2024-50804
was published
Nov 18, 2024
Jpress until v5.1.1 has arbitrary file uploads on the Windows platform, and the construction of...
Critical
Unreviewed
CVE-2024-50919
was published
Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso...
Critical
Unreviewed
CVE-2024-52427
was published
Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic...
Critical
Unreviewed
CVE-2024-52434
was published
Nov 18, 2024
An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup...
High
Unreviewed
CVE-2024-52945
was published
Nov 18, 2024
The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High
Unreviewed
CVE-2024-9839
was published
Nov 16, 2024
The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate
Unreviewed
CVE-2024-10262
was published
Nov 16, 2024
ProTip! Advisories are also available from the GraphQL API.