GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,065
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,427
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
121,114 advisories
The Giveaways and Contests by RafflePress WordPress plugin before 1.12.14 does not sanitise and...
Moderate | Unreviewed | CVE-2024-3963 was published Jul 13, 2024

The WordPress Button Plugin MaxButtons WordPress plugin before 9.7.8 does not sanitise and escape...
Moderate | Unreviewed | CVE-2024-3026 was published Jul 13, 2024

The Product Enquiry for WooCommerce WordPress plugin before 3.1.8 does not sanitise and escape...
Moderate | Unreviewed | CVE-2024-3964 was published Jul 13, 2024

The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.6.0 does not validate and...
Moderate | Unreviewed | CVE-2024-3710 was published Jul 13, 2024

The Hostel WordPress plugin before 1.1.5.3 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-3753 was published Jul 13, 2024

The socialdriver-framework WordPress plugin before 2024.04.30 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-2870 was published Jul 13, 2024

The Support SVG WordPress plugin before 1.1.0 does not sanitize SVG file contents, which enables...
Moderate | Unreviewed | CVE-2024-4272 was published Jul 13, 2024

The SVG Block WordPress plugin before 1.1.20 does not sanitize SVG file contents, which enables...
Moderate | Unreviewed | CVE-2024-4269 was published Jul 13, 2024

The shortcodes-ultimate-pro WordPress plugin before 7.1.5 does not properly escape some of its...
Moderate | Unreviewed | CVE-2024-4217 was published Jul 13, 2024

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function...
Moderate | Unreviewed | CVE-2023-39329 was published Jul 13, 2024

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a...
Moderate | Unreviewed | CVE-2023-39327 was published Jul 13, 2024

StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows Directory Traversal by...
Moderate | Unreviewed | CVE-2024-31947 was published Jul 13, 2024

IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an...
Moderate | Unreviewed | CVE-2024-40690 was published Jul 12, 2024

PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement...
Moderate | Unreviewed | CVE-2024-40547 was published Jul 12, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-38716 was published Jul 12, 2024

Livechat messages can be leaked by combining two NoSQL injections affecting livechat:loginByToken...
Moderate | Unreviewed | CVE-2024-37405 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral. This issue affects...
Moderate | Unreviewed | CVE-2024-37938 was published Jul 12, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-38709 was published Jul 12, 2024

Missing Authorization vulnerability in Tobias Conrad Get Better Reviews for WooCommerce.This...
Moderate | Unreviewed | CVE-2024-37544 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO...
Moderate | Unreviewed | CVE-2024-37941 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite. This issue affects...
Moderate | Unreviewed | CVE-2024-37939 was published Jul 12, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-38715 was published Jul 12, 2024

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate | Unreviewed | CVE-2024-38700 was published Jul 12, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-38704 was published Jul 12, 2024

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-6495 was published Jul 12, 2024
ProTip! Advisories are also available from the GraphQL API.