GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
830 advisories
Filter by severity
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as...
Moderate
Unreviewed
CVE-2024-37773
was published
Dec 17, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2024-11012
was published
Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution...
Moderate
Unreviewed
CVE-2024-12417
was published
Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-12420
was published
Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-12421
was published
Dec 13, 2024
An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an...
Moderate
Unreviewed
CVE-2024-55918
was published
Dec 13, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions...
Moderate
Unreviewed
CVE-2024-12333
was published
Dec 12, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue...
Moderate
Unreviewed
CVE-2024-12350
was published
Dec 9, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via...
Moderate
Unreviewed
CVE-2024-10909
was published
Dec 6, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User...
Moderate
Unreviewed
CVE-2024-10681
was published
Dec 6, 2024
The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via...
Moderate
Unreviewed
CVE-2024-11002
was published
Nov 26, 2024
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate
Unreviewed
CVE-2024-10262
was published
Nov 16, 2024
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute...
Moderate
Unreviewed
CVE-2024-51330
was published
Nov 15, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session...
Moderate
Unreviewed
CVE-2024-8069
was published
Nov 12, 2024
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6...
Moderate
Unreviewed
CVE-2024-46965
was published
Nov 11, 2024
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the...
Moderate
Unreviewed
CVE-2024-10505
was published
Oct 30, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of...
Moderate
Unreviewed
CVE-2024-48235
was published
Oct 26, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-48236
was published
Oct 26, 2024
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and...
Moderate
Unreviewed
CVE-2024-20485
was published
Oct 23, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Moderate
Unreviewed
CVE-2024-35315
was published
Oct 21, 2024
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow...
Moderate
Unreviewed
CVE-2024-41712
was published
Oct 21, 2024
An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-27766
was published
Oct 18, 2024
Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated...
Moderate
Unreviewed
CVE-2023-39593
was published
Oct 18, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate
Unreviewed
CVE-2024-48744
was published
Oct 16, 2024
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate
Unreviewed
CVE-2024-41997
was published
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API