Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,287
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,743
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

24,086 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55981 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55980 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55972 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55982 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55976 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55977 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55978 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55988 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)... Critical Unreviewed
CVE-2024-56012 was published Dec 16, 2024
Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege... Critical Unreviewed
CVE-2024-54363 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54361 was published Dec 16, 2024
Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality... Critical Unreviewed
CVE-2024-54369 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection... Critical Unreviewed
CVE-2024-54368 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo... Critical Unreviewed
CVE-2024-54370 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection... Critical Unreviewed
CVE-2024-54372 was published Dec 16, 2024
A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter... Critical Unreviewed
CVE-2024-49775 was published Dec 16, 2024
TenderDocTransfer from Chunghwa Telecom has a Reflected Cross-site scripting vulnerability. The... Critical Unreviewed
CVE-2024-12641 was published Dec 16, 2024
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during... Critical Unreviewed
CVE-2024-55969 was published Dec 15, 2024
In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to... Critical Unreviewed
CVE-2023-29476 was published Dec 14, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed
CVE-2024-55956 was published Dec 13, 2024
Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-54293 was published Dec 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54292 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool... Critical Unreviewed
CVE-2024-54296 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp... Critical Unreviewed
CVE-2024-54295 was published Dec 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database