GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
852 advisories
Filter by severity
Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516...
Moderate
Unreviewed
CVE-2024-51122
was published
Feb 13, 2025
An issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to...
Moderate
Unreviewed
CVE-2024-33469
was published
Feb 12, 2025
The The Global Gallery - WordPress Responsive Gallery plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-13814
was published
Feb 12, 2025
An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2024-55241
was published
Feb 7, 2025
The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate
Unreviewed
CVE-2024-7425
was published
Feb 7, 2025
An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject...
Moderate
Unreviewed
CVE-2024-55504
was published
Jan 21, 2025
In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by...
Moderate
Unreviewed
CVE-2024-40673
was published
Jan 28, 2025
There is a MEDIUM severity vulnerability affecting CPython.
The
email module didn’t properly...
Moderate
Unreviewed
CVE-2024-6923
was published
Aug 1, 2024
The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution...
Moderate
Unreviewed
CVE-2024-12415
was published
Jan 31, 2025
A improper neutralization of special elements used in a template engine [CWE-1336] in...
Moderate
Unreviewed
CVE-2023-47542
was published
Apr 9, 2024
** DISPUTED ** PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3...
Moderate
Unreviewed
CVE-2006-6975
was published
May 1, 2022
Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with...
Moderate
Unreviewed
CVE-2005-1876
was published
May 1, 2022
The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-10970
was published
Jan 16, 2025
Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,...
Moderate
Unreviewed
CVE-2024-28005
was published
Mar 28, 2024
SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted...
Moderate
Unreviewed
CVE-2025-0060
was published
Jan 14, 2025
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability...
Moderate
Unreviewed
CVE-2024-54997
was published
Jan 10, 2025
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name...
Moderate
Unreviewed
CVE-2024-54999
was published
Jan 13, 2025
In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file...
Moderate
Unreviewed
CVE-2024-57487
was published
Jan 13, 2025
A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-12789
was published
Dec 19, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote...
Moderate
Unreviewed
CVE-2024-25706
was published
Apr 4, 2024
Vulnerability of improper access control in the home screen widget module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-56448
was published
Jan 8, 2025
A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic....
Moderate
Unreviewed
CVE-2025-0295
was published
Jan 7, 2025
The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-12419
was published
Jan 7, 2025
A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file...
Moderate
Unreviewed
CVE-2023-6601
was published
Jan 6, 2025
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage...
Moderate
Unreviewed
CVE-2023-6604
was published
Jan 6, 2025
ProTip!
Advisories are also available from the
GraphQL API