Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

109,744 advisories

Loading
The Payflex Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed
CVE-2024-0619 was published Jul 11, 2024
The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2024-6026 was published Jul 11, 2024
The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block... Moderate Unreviewed
CVE-2024-4655 was published Jul 11, 2024
The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode... Moderate Unreviewed
CVE-2024-5444 was published Jul 11, 2024
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some... Moderate Unreviewed
CVE-2024-6025 was published Jul 11, 2024
External Control of Critical State Data (CWE-642) in the Controller 6000 and Controller 7000... Moderate Unreviewed
CVE-2024-22387 was published Jul 11, 2024
A vulnerability has been found in witmy my-springsecurity-plus up to 2024-07-03 and classified as... Moderate Unreviewed
CVE-2024-6676 was published Jul 11, 2024
A vulnerability classified as critical was found in mhuertos phpLDAPadmin up to... Moderate Unreviewed
CVE-2016-15039 was published Jul 11, 2024
External Control of File Name or Path (CWE-73) in the Controller 6000 and Controller 7000 allows... Moderate Unreviewed
CVE-2024-23317 was published Jul 11, 2024
The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to,... Moderate Unreviewed
CVE-2024-6210 was published Jul 11, 2024
Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore... Moderate Unreviewed
CVE-2024-23485 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... Moderate Unreviewed
CVE-2024-39561 was published Jul 11, 2024
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and... Moderate Unreviewed
CVE-2024-6650 was published Jul 11, 2024
A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as... Moderate Unreviewed
CVE-2024-6652 was published Jul 11, 2024
A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical... Moderate Unreviewed
CVE-2024-6653 was published Jul 11, 2024
An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper... Moderate Unreviewed
CVE-2024-39511 was published Jul 11, 2024
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper... Moderate Unreviewed
CVE-2024-39513 was published Jul 11, 2024
A non-admin user can cause short-term disruption in Target VM availability in Citrix Provisioning Moderate Unreviewed
CVE-2024-6150 was published Jul 10, 2024
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 Moderate Unreviewed
CVE-2024-6148 was published Jul 10, 2024
Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 Moderate Unreviewed
CVE-2024-6149 was published Jul 10, 2024
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2024-5913 was published Jul 10, 2024
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to... Moderate Unreviewed
CVE-2024-5492 was published Jul 10, 2024
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1... Moderate Unreviewed
CVE-2024-6649 was published Jul 10, 2024
An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to... Moderate Unreviewed
CVE-2024-5912 was published Jul 10, 2024
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The... Moderate Unreviewed
CVE-2024-25076 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API