GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
109,744 advisories
The Payflex Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of...
Moderate | Unreviewed | CVE-2024-0619 was published Jul 11, 2024

The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2024-6026 was published Jul 11, 2024

The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block...
Moderate | Unreviewed | CVE-2024-4655 was published Jul 11, 2024

The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode...
Moderate | Unreviewed | CVE-2024-5444 was published Jul 11, 2024

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2024-6025 was published Jul 11, 2024

External Control of Critical State Data (CWE-642) in the Controller 6000 and Controller 7000...
Moderate | Unreviewed | CVE-2024-22387 was published Jul 11, 2024

A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as...
Moderate | Unreviewed | CVE-2024-6676 was published Jul 11, 2024

A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to...
Moderate | Unreviewed | CVE-2016-15039 was published Jul 11, 2024

External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows...
Moderate | Unreviewed | CVE-2024-23317 was published Jul 11, 2024

The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to,...
Moderate | Unreviewed | CVE-2024-6210 was published Jul 11, 2024

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore...
Moderate | Unreviewed | CVE-2024-23485 was published Jul 11, 2024

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)...
Moderate | Unreviewed | CVE-2024-39561 was published Jul 11, 2024

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and...
Moderate | Unreviewed | CVE-2024-6650 was published Jul 11, 2024

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as...
Moderate | Unreviewed | CVE-2024-6652 was published Jul 11, 2024

A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical...
Moderate | Unreviewed | CVE-2024-6653 was published Jul 11, 2024

An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper...
Moderate | Unreviewed | CVE-2024-39511 was published Jul 11, 2024

An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper...
Moderate | Unreviewed | CVE-2024-39513 was published Jul 11, 2024

A non-admin user can cause short-term disruption in Target VM availability in Citrix Provisioning
Moderate | Unreviewed | CVE-2024-6150 was published Jul 10, 2024

Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5
Moderate | Unreviewed | CVE-2024-6148 was published Jul 10, 2024

Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5
Moderate | Unreviewed | CVE-2024-6149 was published Jul 10, 2024

An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an...
Moderate | Unreviewed | CVE-2024-5913 was published Jul 10, 2024

Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to...
Moderate | Unreviewed | CVE-2024-5492 was published Jul 10, 2024

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1...
Moderate | Unreviewed | CVE-2024-6649 was published Jul 10, 2024

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to...
Moderate | Unreviewed | CVE-2024-5912 was published Jul 10, 2024

An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The...
Moderate | Unreviewed | CVE-2024-25076 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API.