GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

817 advisories

Filter by severity

Sort by

Least recently updated

The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-10262 was published Nov 16, 2024

Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique... Moderate Unreviewed

CVE-2022-21928 was published Jan 12, 2022

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed

CVE-2024-8069 was published Nov 12, 2024

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an... Moderate Unreviewed

CVE-2024-3044 was published May 14, 2024

The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6... Moderate Unreviewed

CVE-2024-46965 was published Nov 11, 2024

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay... Moderate Unreviewed

CVE-2023-5800 was published Feb 5, 2024

Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed

CVE-2023-5677 was published Feb 5, 2024

Using a markup injection an attacker could have stolen nonce values. This could have been used to... Moderate Unreviewed

CVE-2024-2610 was published Mar 19, 2024

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side... Moderate Unreviewed

CVE-2024-3786 was published Apr 15, 2024

Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti... Moderate Unreviewed

CVE-2022-42045 was published Jul 13, 2023

A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical.... Moderate Unreviewed

CVE-2024-9324 was published Sep 29, 2024

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side... Moderate Unreviewed

CVE-2024-3785 was published Apr 15, 2024

A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the... Moderate Unreviewed

CVE-2024-10505 was published Oct 30, 2024

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of... Moderate Unreviewed

CVE-2024-48235 was published Oct 26, 2024

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-48236 was published Oct 26, 2024

A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow... Moderate Unreviewed

CVE-2024-41712 was published Oct 21, 2024

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business... Moderate Unreviewed

CVE-2024-35315 was published Oct 21, 2024

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and... Moderate Unreviewed

CVE-2024-20485 was published Oct 23, 2024

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature... Moderate Unreviewed

CVE-2019-18792 was published May 24, 2022

An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-27766 was published Oct 18, 2024

Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated... Moderate Unreviewed

CVE-2023-39593 was published Oct 18, 2024

A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in... Moderate Unreviewed

CVE-2024-48744 was published Oct 16, 2024

An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A... Moderate Unreviewed

CVE-2024-41997 was published Oct 14, 2024

The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection... Moderate Unreviewed

CVE-2024-8760 was published Oct 12, 2024

OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute... Moderate Unreviewed

CVE-2024-45933 was published Oct 7, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

817 advisories