GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,647

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

24,308 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')... Critical Unreviewed

CVE-2024-13264 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13277 was published Jan 9, 2025

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation... Critical Unreviewed

CVE-2024-13279 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue... Critical Unreviewed

CVE-2024-13278 was published Jan 9, 2025

Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing... Critical Unreviewed

CVE-2024-13280 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13281 was published Jan 9, 2025

Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*. Critical Unreviewed

CVE-2024-13285 was published Jan 9, 2025

The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up... Critical Unreviewed

CVE-2024-10215 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows... Critical Unreviewed

CVE-2024-13258 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows... Critical Unreviewed

CVE-2024-13253 was published Jan 9, 2025

Improper Authorization vulnerability in Drupal Open Social allows Collect Data from Common... Critical Unreviewed

CVE-2024-13241 was published Jan 9, 2025

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication... Critical Unreviewed

CVE-2024-13239 was published Jan 9, 2025

Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource... Critical Unreviewed

CVE-2024-13242 was published Jan 9, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms... Critical Unreviewed

CVE-2025-22504 was published Jan 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-22542 was published Jan 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-22540 was published Jan 9, 2025

The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite... Critical Unreviewed

CVE-2024-11642 was published Jan 9, 2025

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling... Critical Unreviewed

CVE-2024-12802 was published Jan 9, 2025

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker... Critical Unreviewed

CVE-2024-40765 was published Jan 9, 2025

Command injection in the <redacted> parameter of a <redacted>.exe request leads to remote code... Critical Unreviewed

CVE-2024-43648 was published Jan 9, 2025

Authenticated command injection in the filename of a <redacted>.exe request leads to remote code... Critical Unreviewed

CVE-2024-43649 was published Jan 9, 2025

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-43651 was published Jan 9, 2025

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-43650 was published Jan 9, 2025

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-43653 was published Jan 9, 2025

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-43652 was published Jan 9, 2025

Previous 1 2 … 5 6 7 8 9 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,308 advisories