Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,045
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,899 advisories

Loading
Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege... Critical Unreviewed
CVE-2024-54363 was published Dec 16, 2024
Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This... Critical Unreviewed
CVE-2024-54367 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection... Critical Unreviewed
CVE-2024-54372 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection... Critical Unreviewed
CVE-2024-54368 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo... Critical Unreviewed
CVE-2024-54370 was published Dec 16, 2024
Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality... Critical Unreviewed
CVE-2024-54369 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54361 was published Dec 16, 2024
A vulnerability has been identified in Opcenter Execution Foundation (All versions), Opcenter... Critical Unreviewed
CVE-2024-49775 was published Dec 16, 2024
TenderDocTransfer from Chunghwa Telecom has a Reflected Cross-site scripting vulnerability. The... Critical Unreviewed
CVE-2024-12641 was published Dec 16, 2024
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during... Critical Unreviewed
CVE-2024-55969 was published Dec 15, 2024
In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to... Critical Unreviewed
CVE-2023-29476 was published Dec 14, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed
CVE-2024-55956 was published Dec 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54292 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in appgenixinfotech... Critical Unreviewed
CVE-2024-54294 was published Dec 13, 2024
Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-54293 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp... Critical Unreviewed
CVE-2024-54295 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in www.vbsso.com vBSSO... Critical Unreviewed
CVE-2024-54297 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool... Critical Unreviewed
CVE-2024-54296 was published Dec 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54234 was published Dec 13, 2024
Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege... Critical Unreviewed
CVE-2024-54239 was published Dec 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54261 was published Dec 13, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export... Critical Unreviewed
CVE-2024-54262 was published Dec 13, 2024
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object... Critical Unreviewed
CVE-2024-54273 was published Dec 13, 2024
Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support... Critical Unreviewed
CVE-2022-46838 was published Dec 13, 2024
Improper input handling in the 'Host Header' allows an unauthenticated attacker to store a... Critical Unreviewed
CVE-2024-11986 was published Dec 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database