GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,678
NuGet: 645
pip: 3,297
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105,884 advisories
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request...
Moderate | Unreviewed | CVE-2024-9588 was published Oct 22, 2024

The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-9590 was published Oct 22, 2024

The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-9591 was published Oct 22, 2024

The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-9589 was published Oct 22, 2024

The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information...
Moderate | Unreviewed | CVE-2024-9541 was published Oct 22, 2024

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive...
Moderate | Unreviewed | CVE-2024-8852 was published Oct 22, 2024

The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss...
Moderate | Unreviewed | CVE-2024-10003 was published Oct 22, 2024

The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H...
Moderate | Unreviewed | CVE-2024-9677 was published Oct 22, 2024

Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management...
Moderate | Unreviewed | CVE-2024-46238 was published Oct 21, 2024

Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0...
Moderate | Unreviewed | CVE-2024-46239 was published Oct 21, 2024

Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial...
Moderate | Unreviewed | CVE-2024-31007 was published Oct 21, 2024

In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords)...
Moderate | Unreviewed | CVE-2023-26562 was published Feb 13, 2024

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate | Unreviewed | CVE-2024-46237 was published Oct 9, 2024

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate | Unreviewed | CVE-2024-48709 was published Oct 21, 2024

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate | Unreviewed | CVE-2024-46236 was published Oct 21, 2024

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate | Unreviewed | CVE-2024-4690 was published Oct 16, 2024

In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial...
Moderate | Unreviewed | CVE-2024-47674 was published Oct 15, 2024

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to...
Moderate | Unreviewed | CVE-2015-8370 was published May 14, 2022

Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in...
Moderate | Unreviewed | CVE-2011-1142 was published May 17, 2022

An attacker could have abused XSLT error handling to associate attacker-controlled content with...
Moderate | Unreviewed | CVE-2022-38472 was published Dec 22, 2022

An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow...
Moderate | Unreviewed | CVE-2023-6450 was published Jan 19, 2024

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management...
Moderate | Unreviewed | CVE-2024-47669 was published Oct 9, 2024

An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds...
Moderate | Unreviewed | CVE-2018-12366 was published May 14, 2022

A compromised IPC child process can escape the content sandbox and list the names of arbitrary...
Moderate | Unreviewed | CVE-2018-12365 was published May 14, 2022

A flaw in DRBG number generation within the Network Security Services (NSS) library where the...
Moderate | Unreviewed | CVE-2017-5462 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.