GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,657
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
114,061 advisories
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file...
Moderate, Unreviewed. CVE-2024-9417 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-9146 was published Oct 5, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2024-9161 was published Oct 5, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin...
Moderate, Unreviewed. CVE-2024-8743 was published Oct 5, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored...
Moderate, Unreviewed. CVE-2024-8486 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate, Unreviewed. CVE-2024-47841 was published Oct 5, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell...
Moderate, Unreviewed. CVE-2024-41715 was published Sep 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo...
Moderate, Unreviewed. CVE-2024-47846 was published Oct 5, 2024
The WP Cleanup and Basic Functions plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2024-9455 was published Oct 5, 2024
The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate, Unreviewed. CVE-2024-9385 was published Oct 5, 2024
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin...
Moderate, Unreviewed. CVE-2024-9528 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-47847 was published Oct 5, 2024
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS...
Moderate, Unreviewed. CVE-2024-47845 was published Oct 5, 2024
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF)...
Moderate, Unreviewed. CVE-2024-45987 was published Sep 26, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-47840 was published Oct 5, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia...
Moderate, Unreviewed. CVE-2024-47848 was published Oct 5, 2024
OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)
Moderate. CVE-2024-43795 was published for @openc3/tool-common (RubyGems) Oct 2, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Moderate, Unreviewed. CVE-2024-7801 was published Oct 4, 2024
In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the...
Moderate, Unreviewed. CVE-2024-47911 was published Oct 4, 2024
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of...
Moderate, Unreviewed. CVE-2024-47128 was published Sep 26, 2024
OpenStack Ironic fails to verify checksums of supplied image_source URLs
Moderate. CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
JSON-lib mishandles an unbalanced comment string
Moderate. CVE-2024-47855 was published for org.kordamp.json:json-lib-core (Maven) Oct 4, 2024
Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS
Moderate. CVE-2024-47765 was published for dev-lancer/minecraft-motd-parser (Composer) Oct 4, 2024
This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0...
Moderate, Unreviewed. CVE-2024-44207 was published Oct 4, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check BIOS...
Moderate, Unreviewed. CVE-2024-46809 was published Sep 27, 2024