GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,678
NuGet: 645
pip: 3,297
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231,357 advisories
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High
Unreviewed
CVE-2024-9627
was published
Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-9588
was published
Oct 22, 2024
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions...
High
Unreviewed
CVE-2024-9987
was published
Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9590
was published
Oct 22, 2024
The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9591
was published
Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9589
was published
Oct 22, 2024
A post-authentication arbitrary file read vulnerability within the server plugins section in...
High
Unreviewed
CVE-2024-35308
was published
Oct 22, 2024
The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-9541
was published
Oct 22, 2024
In the Linux kernel, the following vulnerability has been resolved: media: pci: cx23885: check...
Unknown
Unreviewed
CVE-2023-52918
was published
Oct 22, 2024
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL...
Unknown
Unreviewed
CVE-2023-52919
was published
Oct 22, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8852
was published
Oct 22, 2024
The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss...
Moderate
Unreviewed
CVE-2024-10003
was published
Oct 22, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H...
Moderate
Unreviewed
CVE-2024-9677
was published
Oct 22, 2024
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management...
Moderate
Unreviewed
CVE-2024-46238
was published
Oct 21, 2024
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0...
Moderate
Unreviewed
CVE-2024-46239
was published
Oct 21, 2024
Buffer Overflow vulnerability in IrfanView 32bit v.4.66 allows a local attacker to cause a denial...
Moderate
Unreviewed
CVE-2024-31007
was published
Oct 21, 2024
In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization ...
High
Unreviewed
CVE-2024-48645
was published
Oct 21, 2024
Inappropriate implementation in iframe in Google Chrome prior to 77.0.3865.75 allowed a remote...
Critical
Unreviewed
CVE-2019-25154
was published
Jul 17, 2024
Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build 4005 allows a...
High
Unreviewed
CVE-2023-38960
was published
Feb 14, 2024
In J2eeFAST <=2.7, the backend function has unsafe filtering, which allows an attacker to trigger...
Critical
Unreviewed
CVE-2024-45944
was published
Oct 18, 2024
In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords)...
Moderate
Unreviewed
CVE-2023-26562
was published
Feb 13, 2024
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using...
High
Unreviewed
CVE-2024-8625
was published
Oct 21, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29821
was published
Oct 19, 2024
The devices are vulnerable to session hijacking due to insufficient entropy in its session ID...
Critical
Unreviewed
CVE-2024-47945
was published
Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API.