GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
238,423 advisories
Filter by severity
A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0...
Unknown
Unreviewed
CVE-2024-56314
was published
Dec 23, 2024
A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2...
Moderate
Unreviewed
CVE-2024-12896
was published
Dec 23, 2024
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI...
Unknown
Unreviewed
CVE-2024-56375
was published
Dec 23, 2024
A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2...
Moderate
Unreviewed
CVE-2024-12897
was published
Dec 23, 2024
libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the...
Unknown
Unreviewed
CVE-2024-56378
was published
Dec 23, 2024
A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 15.0...
Unknown
Unreviewed
CVE-2024-56313
was published
Dec 23, 2024
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through...
Unknown
Unreviewed
CVE-2024-56312
was published
Dec 23, 2024
REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a...
Unknown
Unreviewed
CVE-2024-56310
was published
Dec 22, 2024
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users...
Unknown
Unreviewed
CVE-2024-56311
was published
Dec 22, 2024
A vulnerability has been found in TreasureHuntGame TreasureHunt up to 963e0e0 and classified as...
Moderate
Unreviewed
CVE-2024-12895
was published
Dec 22, 2024
A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up...
Moderate
Unreviewed
CVE-2024-12894
was published
Dec 22, 2024
A vulnerability classified as critical has been found in code-projects Online Exam Mastering...
Moderate
Unreviewed
CVE-2024-12891
was published
Dec 22, 2024
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System...
Moderate
Unreviewed
CVE-2024-12892
was published
Dec 22, 2024
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to...
Moderate
Unreviewed
CVE-2024-12893
was published
Dec 22, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system...
High
Unreviewed
CVE-2024-9154
was published
Dec 19, 2024
A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-12890
was published
Dec 22, 2024
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and...
Moderate
Unreviewed
CVE-2024-11852
was published
Dec 22, 2024
A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-12884
was published
Dec 21, 2024
IBM i 7.3, 7.4, and 7.5
is vulnerable to server-side request forgery (SSRF). This may allow an...
Moderate
Unreviewed
CVE-2024-51463
was published
Dec 21, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By...
Moderate
Unreviewed
CVE-2024-51464
was published
Dec 21, 2024
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-12883
was published
Dec 21, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-10453
was published
Dec 21, 2024
The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver'...
Moderate
Unreviewed
CVE-2024-11688
was published
Dec 21, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the ...
Moderate
Unreviewed
CVE-2024-11722
was published
Dec 21, 2024
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-12591
was published
Dec 21, 2024
ProTip!
Advisories are also available from the
GraphQL API