GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,904
Maven: 5,000+
npm: 3,635
NuGet: 638
pip: 3,250
Pub: 10
RubyGems: 867
Rust: 819
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,688 advisories
The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one...
Moderate
Unreviewed
CVE-2024-6845
was published
Sep 25, 2024
When multiple devices share resources and one of them is to be passed through to a guest,...
High
Unreviewed
CVE-2024-31146
was published
Sep 25, 2024
Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved...
High
Unreviewed
CVE-2024-31145
was published
Sep 25, 2024
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS...
Moderate
Unreviewed
CVE-2024-40863
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS...
Moderate
Unreviewed
CVE-2024-44125
was published
Sep 17, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-7892
was published
Sep 25, 2024
Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before...
Moderate
Unreviewed
CVE-2015-1383
was published
May 17, 2022
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS...
Moderate
Unreviewed
CVE-2024-40860
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in Safari 18,...
Moderate
Unreviewed
CVE-2024-40857
was published
Sep 17, 2024
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2024-44187
was published
Sep 17, 2024
libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM...
Critical
Unreviewed
CVE-2024-31570
was published
Sep 19, 2024
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos...
High
Unreviewed
CVE-2024-2698
was published
Jun 12, 2024
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-7878
was published
Sep 25, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and...
Moderate
Unreviewed
CVE-2024-44191
was published
Sep 17, 2024
An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS...
High
Unreviewed
CVE-2024-40856
was published
Sep 17, 2024
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-6154
was published
Jun 20, 2024
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-44176
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
Moderate
Unreviewed
CVE-2024-44124
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44135
was published
Sep 17, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is...
High
Unreviewed
CVE-2024-8316
was published
Sep 25, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is...
High
Unreviewed
CVE-2024-7576
was published
Sep 25, 2024
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer...
Unknown
Unreviewed
CVE-2024-46461
was published
Sep 25, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
Unknown
Unreviewed
CVE-2024-22892
was published
Sep 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43959
was published
Sep 25, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection...
High
Unreviewed
CVE-2024-7679
was published
Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API.