GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
109,188 advisories
A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13...
CVE-2024-11828 was published Nov 26, 2024 (Moderate, Unreviewed)
An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3...
CVE-2024-53619 was published Nov 26, 2024 (Moderate, Unreviewed)
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows...
CVE-2024-53620 was published Nov 26, 2024 (Moderate, Unreviewed)
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5...
CVE-2024-8177 was published Nov 26, 2024 (Moderate, Unreviewed)
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior...
CVE-2024-8237 was published Nov 26, 2024 (Moderate, Unreviewed)
An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv...
CVE-2024-48747 was published Nov 26, 2024 (Moderate, Unreviewed)
The Sugar Calendar – Simple Event Management plugin for WordPress is vulnerable to Reflected...
CVE-2024-10878 was published Nov 26, 2024 (Moderate, Unreviewed)
There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with...
CVE-2024-11407 was published Nov 26, 2024 (Moderate, Unreviewed)
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API...
CVE-2024-52337 was published Nov 26, 2024 (Moderate, Unreviewed)
A stored cross-site scripting (XSS) vulnerability was identified in PHPGURUKUL Vehicle Parking...
CVE-2024-53365 was published Nov 26, 2024 (Moderate, Unreviewed)
A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS...
CVE-2024-53426 was published Nov 26, 2024 (Moderate, Unreviewed)
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in...
CVE-2024-53425 was published Nov 26, 2024 (Moderate, Unreviewed)
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\\,...
CVE-2024-53930 was published Nov 26, 2024 (Moderate, Unreviewed)
The Formidable Forms WordPress plugin before 6.14.1 does not sanitise and escape some of its...
CVE-2024-9768 was published Nov 26, 2024 (Moderate, Unreviewed)
The Page Parts plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...
CVE-2024-11360 was published Nov 26, 2024 (Moderate, Unreviewed)
The Subaccounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
CVE-2024-11370 was published Nov 26, 2024 (Moderate, Unreviewed)
The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to...
CVE-2024-11354 was published Nov 26, 2024 (Moderate, Unreviewed)
Arbitrary commands execution on the server by exploiting a command injection vulnerability in the...
CVE-2024-11320 was published Nov 26, 2024 (Moderate, Unreviewed)
The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable...
CVE-2024-11388 was published Nov 26, 2024 (Moderate, Unreviewed)
The Crypto and DeFi Widgets – Web3 Cryptocurrency Shortcodes plugin for WordPress is vulnerable...
CVE-2024-11365 was published Nov 26, 2024 (Moderate, Unreviewed)
The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a...
CVE-2024-11334 was published Nov 26, 2024 (Moderate, Unreviewed)
The Theater for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
CVE-2024-11371 was published Nov 26, 2024 (Moderate, Unreviewed)
The Pure CSS Circle Progress bar plugin for WordPress is vulnerable to Stored Cross-Site...
CVE-2024-11385 was published Nov 26, 2024 (Moderate, Unreviewed)
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and...
CVE-2024-36463 was published Nov 26, 2024 (Moderate, Unreviewed)
Missing thread synchronization primitives could have led to a data race on members of the...
CVE-2024-11708 was published Nov 26, 2024 (Moderate, Unreviewed)
ProTip! Advisories are also available from the GraphQL API.