GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,538 advisories
Filter by severity
IPMI credentials may be captured in XCC audit log entries when the account username length is 16...
Moderate
Unreviewed
CVE-2024-8059
was published
Sep 13, 2024
A valid, authenticated LXCA user without sufficient privileges may be able to use the device...
Moderate
Unreviewed
CVE-2024-45104
was published
Sep 13, 2024
A vulnerability was found in JFinalCMS up to 1.0. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-8782
was published
Sep 13, 2024
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability...
Moderate
Unreviewed
CVE-2024-44685
was published
Sep 13, 2024
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin...
Moderate
Unreviewed
CVE-2024-44798
was published
Sep 13, 2024
The Eaton Foreseer software provides the feasibility for the user to configure external servers...
Moderate
Unreviewed
CVE-2024-31415
was published
Sep 13, 2024
The Eaton Foreseer software provides multiple customizable input fields for the users to...
Moderate
Unreviewed
CVE-2024-31416
was published
Sep 13, 2024
The Eaton Foreseer software provides users the capability to customize the dashboard in WebView...
Moderate
Unreviewed
CVE-2024-31414
was published
Sep 13, 2024
The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8714
was published
Sep 13, 2024
The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
Moderate
Unreviewed
CVE-2024-8732
was published
Sep 13, 2024
The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-8747
was published
Sep 13, 2024
The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...
Moderate
Unreviewed
CVE-2024-8730
was published
Sep 13, 2024
The Cron Jobs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...
Moderate
Unreviewed
CVE-2024-8731
was published
Sep 13, 2024
The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
Moderate
Unreviewed
CVE-2024-8734
was published
Sep 13, 2024
The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-8737
was published
Sep 13, 2024
The Tweaker5 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’...
Moderate
Unreviewed
CVE-2024-5870
was published
Sep 13, 2024
The Triton Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url'...
Moderate
Unreviewed
CVE-2024-5789
was published
Sep 13, 2024
The Beauty theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-5884
was published
Sep 13, 2024
The Neighborly theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’...
Moderate
Unreviewed
CVE-2024-5869
was published
Sep 13, 2024
The Delicate theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link'...
Moderate
Unreviewed
CVE-2024-5867
was published
Sep 13, 2024
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions...
Moderate
Unreviewed
CVE-2024-6544
was published
Sep 13, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-8242
was published
Sep 13, 2024
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the...
Moderate
Unreviewed
CVE-2024-46049
was published
Sep 13, 2024
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
Moderate
Unreviewed
CVE-2024-46044
was published
Sep 13, 2024
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
Moderate
Unreviewed
CVE-2024-46046
was published
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API