Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,045
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

93,777 advisories

Loading
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially... High Unreviewed
CVE-2024-39804 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094... High Unreviewed
CVE-2024-42004 was published Dec 19, 2024
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in... High Unreviewed
CVE-2024-12741 was published Dec 18, 2024
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... High Unreviewed
CVE-2024-56049 was published Dec 18, 2024
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... High Unreviewed
CVE-2024-56055 was published Dec 18, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects... High Unreviewed
CVE-2024-54381 was published Dec 18, 2024
Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not... High Unreviewed
CVE-2024-56048 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56047 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56053 was published Dec 18, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page... High Unreviewed
CVE-2024-47810 was published Dec 18, 2024
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox... High Unreviewed
CVE-2024-49576 was published Dec 18, 2024
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-48889 was published Dec 18, 2024
An OS command injection vulnerability exists in the web interface configuration upload... High Unreviewed
CVE-2024-21786 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55984 was published Dec 18, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2024-54270 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55983 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-54350 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55985 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55975 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56016 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-51646 was published Dec 18, 2024
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality... High Unreviewed
CVE-2024-56008 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56010 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database