Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,872 advisories

Loading
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed
CVE-2024-12287 was published Dec 18, 2024
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially... Critical Unreviewed
CVE-2024-29224 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8972 was published Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support... Critical Unreviewed
CVE-2024-12356 was published Dec 17, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops... Critical Unreviewed
CVE-2024-10205 was published Dec 17, 2024
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed
CVE-2024-55085 was published Dec 17, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow. Critical Unreviewed
CVE-2024-52949 was published Dec 17, 2024
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to... Critical Unreviewed
CVE-2024-29671 was published Dec 17, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed
CVE-2024-55557 was published Dec 16, 2024
Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows... Critical Unreviewed
CVE-2024-54229 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54280 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed
CVE-2024-54285 was published Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team... Critical Unreviewed
CVE-2024-43234 was published Dec 16, 2024
The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user... Critical Unreviewed
CVE-2024-11144 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55976 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55980 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55988 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55982 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55972 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55981 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55977 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55978 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)... Critical Unreviewed
CVE-2024-56012 was published Dec 16, 2024
Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege... Critical Unreviewed
CVE-2024-54363 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database