GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,266; Erlang 31; GitHub Actions 21; Go 2,041; Maven 5,000+; npm 3,733; NuGet 662; pip 3,414; Pub 12; RubyGems 891; Rust 866; Swift 36
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
238,129 advisories
In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty...
Unknown | Unreviewed | CVE-2024-53096 was published Nov 26, 2024
Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0...
High | Unreviewed | CVE-2024-54457 was published Dec 18, 2024
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature....
High | Unreviewed | CVE-2024-11614 was published Dec 18, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High | Unreviewed | CVE-2024-53688 was published Dec 18, 2024
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all...
Critical | Unreviewed | CVE-2024-12287 was published Dec 18, 2024
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE...
High | Unreviewed | CVE-2024-47397 was published Dec 18, 2024
The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information...
Moderate | Unreviewed | CVE-2024-11295 was published Dec 18, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary...
High | Unreviewed | CVE-2024-39703 was published Dec 18, 2024
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API...
Moderate | Unreviewed | CVE-2024-52337 was published Nov 26, 2024
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM,...
Moderate | Unreviewed | CVE-2024-10573 was published Oct 31, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align...
Unknown | Unreviewed | CVE-2024-53144 was published Dec 17, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High | Unreviewed | CVE-2024-1610 was published Dec 18, 2024
Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due...
High | Unreviewed | CVE-2024-21547 was published Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
Unknown | Unreviewed | CVE-2024-56174 was published Dec 18, 2024
Authorization bypass through user-controlled key vulnerability in streaming service in Synology...
High | Unreviewed | CVE-2024-4464 was published Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
Unknown | Unreviewed | CVE-2024-56173 was published Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
Unknown | Unreviewed | CVE-2024-56175 was published Dec 18, 2024
The Accept Authorize.NET Payments Using Contact Form 7 plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-12250 was published Dec 18, 2024
The Events Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate | Unreviewed | CVE-2024-12061 was published Dec 18, 2024
The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover...
High | Unreviewed | CVE-2024-12432 was published Dec 18, 2024
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12596 was published Dec 18, 2024
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code...
High | Unreviewed | CVE-2024-21546 was published Dec 18, 2024
The Cost Calculator Builder WordPress plugin before 3.2.43 does not have CSRF checks in some AJAX...
Unknown | Unreviewed | CVE-2024-10892 was published Dec 18, 2024
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-12449 was published Dec 18, 2024
Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper...
High | Unreviewed | CVE-2024-21548 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API.