GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
109,744 advisories
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
Moderate; Unreviewed; CVE-2024-6392 was published Jul 12, 2024

NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects
Moderate; CVE-2022-29946 was published for github.com/nats-io/nats-server (Go) Jul 11, 2024

Login by Auth0 plugin for WordPress vulnerable to Reflected Cross-Site Scripting
Moderate; CVE-2023-6813 was published for auth0/wordpress (Composer) Jul 11, 2024

A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting ...
Moderate; Unreviewed; CVE-2024-6485 was published Jul 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)...
Moderate; Unreviewed; CVE-2024-6484 was published Jul 11, 2024

A vulnerability, which was classified as critical, has been found in witmy my-springsecurity-plus...
Moderate; Unreviewed; CVE-2024-6681 was published Jul 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)...
Moderate; Unreviewed; CVE-2024-6531 was published Jul 11, 2024

A vulnerability classified as critical was found in witmy my-springsecurity-plus up to 2024-07-04...
Moderate; Unreviewed; CVE-2024-6680 was published Jul 11, 2024

An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS...
Moderate; Unreviewed; CVE-2024-39532 was published Jul 11, 2024

A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS...
Moderate; Unreviewed; CVE-2024-39528 was published Jul 11, 2024

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper...
Moderate; Unreviewed; CVE-2024-39537 was published Jul 11, 2024

A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS...
Moderate; Unreviewed; CVE-2024-39539 was published Jul 11, 2024

An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on...
Moderate; Unreviewed; CVE-2024-39533 was published Jul 11, 2024

An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks...
Moderate; Unreviewed; CVE-2024-39553 was published Jul 11, 2024

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet...
Moderate; Unreviewed; CVE-2024-39536 was published Jul 11, 2024

Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Moderate; CVE-2024-39905 was published for Red-DiscordBot (pip) Jul 11, 2024

A vulnerability classified as critical has been found in witmy my-springsecurity-plus up to 2024...
Moderate; Unreviewed; CVE-2024-6679 was published Jul 11, 2024

Wagtail regular expression denial-of-service via search query parsing
Moderate; CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024

SurrealDB vulnerable to Improper Authentication when Changing Databases as Scope User
Moderate; GHSA-gh9f-6xm2-c4j2 was published for surrealdb (Rust) Jul 11, 2024

Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to...
Moderate; Unreviewed; CVE-2024-38433 was published Jul 11, 2024

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate; Unreviewed; CVE-2024-6528 was published Jul 11, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4...
Moderate; Unreviewed; CVE-2024-5257 was published Jul 11, 2024

The Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress is...
Moderate; Unreviewed; CVE-2024-6256 was published Jul 11, 2024

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not...
Moderate; Unreviewed; CVE-2024-6138 was published Jul 11, 2024

The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is...
Moderate; Unreviewed; CVE-2024-6554 was published Jul 11, 2024

ProTip! Advisories are also available from the GraphQL API