GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
930 advisories
Filter by severity
Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516...
Moderate
Unreviewed
CVE-2024-51122
was published
Feb 13, 2025
Remote code execution in alextselegidis/easyappointments
Moderate
CVE-2024-57601
was published
for
alextselegidis/easyappointments
(Composer)
Feb 13, 2025
The The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-13814
was published
Feb 12, 2025
An issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to...
Moderate
Unreviewed
CVE-2024-33469
was published
Feb 12, 2025
The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate
Unreviewed
CVE-2024-7425
was published
Feb 7, 2025
An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2024-55241
was published
Feb 7, 2025
Plenti - Code Injection - Denial of Services
Moderate
GHSA-mj4v-hp69-27x5
was published
for
github.com/plentico/plenti
(Go)
Feb 5, 2025
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution...
Moderate
Unreviewed
CVE-2024-12415
was published
Jan 31, 2025
In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by...
Moderate
Unreviewed
CVE-2024-40673
was published
Jan 28, 2025
An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject...
Moderate
Unreviewed
CVE-2024-55504
was published
Jan 21, 2025
The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10970
was published
Jan 16, 2025
SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted...
Moderate
Unreviewed
CVE-2025-0060
was published
Jan 14, 2025
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name...
Moderate
Unreviewed
CVE-2024-54999
was published
Jan 13, 2025
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file...
Moderate
Unreviewed
CVE-2024-57487
was published
Jan 13, 2025
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability...
Moderate
Unreviewed
CVE-2024-54997
was published
Jan 10, 2025
Vulnerability of improper access control in the home screen widget module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-56448
was published
Jan 8, 2025
A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic....
Moderate
Unreviewed
CVE-2025-0295
was published
Jan 7, 2025
The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-12419
was published
Jan 7, 2025
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file...
Moderate
Unreviewed
CVE-2023-6601
was published
Jan 6, 2025
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage...
Moderate
Unreviewed
CVE-2023-6604
was published
Jan 6, 2025
The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-12238
was published
Dec 29, 2024
Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26)...
Moderate
Unreviewed
CVE-2024-12908
was published
Dec 26, 2024
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-12789
was published
Dec 19, 2024
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as...
Moderate
Unreviewed
CVE-2024-37773
was published
Dec 17, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2024-11012
was published
Dec 13, 2024
ProTip!
Advisories are also available from the
GraphQL API