GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,285
Erlang: 31
GitHub Actions: 21
Go: 2,057
Maven: 5,000+
npm: 3,742
NuGet: 668
pip: 3,422
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
94,027 advisories
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal. This... [High, Unreviewed] CVE-2024-56214 was published Dec 31, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... [High, Unreviewed] CVE-2024-56212 was published Dec 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... [High, Unreviewed] CVE-2024-56210 was published Dec 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... [High, Unreviewed] CVE-2024-56228 was published Dec 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... [High, Unreviewed] CVE-2024-56223 was published Dec 31, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... [High, Unreviewed] CVE-2024-56230 was published Dec 31, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Alexander Volkov WP Nice Loader allows Stored... [High, Unreviewed] CVE-2024-56232 was published Dec 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... [High, Unreviewed] CVE-2024-56233 was published Dec 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... [High, Unreviewed] CVE-2024-56226 was published Dec 31, 2024
The login mechanism via device authentication of CGFIDO from Changing Information Technology has... [High, Unreviewed] CVE-2024-12839 was published Dec 31, 2024
The passwordless login mechanism in CGFIDO from Changing Information Technology has an... [High, Unreviewed] CVE-2024-12838 was published Dec 31, 2024
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key... [High, Unreviewed] CVE-2024-13040 was published Dec 31, 2024
A flaw was found in the OpenShift build process, where the docker-build container is configured... [High, Unreviewed] CVE-2024-45497 was published Dec 31, 2024
iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability... [High, Unreviewed] CVE-2024-11944 was published Dec 30, 2024
Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This... [High, Unreviewed] CVE-2024-12752 was published Dec 30, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This... [High, Unreviewed] CVE-2024-12751 was published Dec 30, 2024
Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution... [High, Unreviewed] CVE-2024-13045 was published Dec 30, 2024
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... [High, Unreviewed] CVE-2024-13051 was published Dec 30, 2024
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... [High, Unreviewed] CVE-2024-13044 was published Dec 30, 2024
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... [High, Unreviewed] CVE-2024-13047 was published Dec 30, 2024
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... [High, Unreviewed] CVE-2024-13050 was published Dec 30, 2024
Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... [High, Unreviewed] CVE-2024-13048 was published Dec 30, 2024
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability... [High, Unreviewed] CVE-2024-13043 was published Dec 30, 2024
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... [High, Unreviewed] CVE-2024-13046 was published Dec 30, 2024
Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This... [High, Unreviewed] CVE-2024-13049 was published Dec 30, 2024
ProTip! Advisories are also available from the GraphQL API.