GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,270
Erlang: 31
GitHub Actions: 21
Go: 2,045
Maven: 5,000+
npm: 3,737
NuGet: 663
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
93,777 advisories
The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL...
High | Unreviewed | CVE-2024-11912 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-49677 was published Dec 18, 2024
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE...
High | Unreviewed | CVE-2024-47397 was published Dec 18, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary...
High | Unreviewed | CVE-2024-39703 was published Dec 18, 2024
Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0...
High | Unreviewed | CVE-2024-54457 was published Dec 18, 2024
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature....
High | Unreviewed | CVE-2024-11614 was published Dec 18, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High | Unreviewed | CVE-2024-53688 was published Dec 18, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High | Unreviewed | CVE-2024-1610 was published Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
High | Unreviewed | CVE-2024-56174 was published Dec 18, 2024
Authorization bypass through user-controlled key vulnerability in streaming service in Synology...
High | Unreviewed | CVE-2024-4464 was published Dec 18, 2024
The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation...
High | Unreviewed | CVE-2024-12259 was published Dec 18, 2024
The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover...
High | Unreviewed | CVE-2024-12432 was published Dec 18, 2024
The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy'...
High | Unreviewed | CVE-2024-12025 was published Dec 18, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution...
High | Unreviewed | CVE-2024-47480 was published Dec 18, 2024
An issue in H3C switch h3c-S1526 allows a remote attacker to obtain sensitive information via the...
High | Unreviewed | CVE-2024-51175 was published Dec 18, 2024
Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited,...
High | Unreviewed | CVE-2024-10476 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-11422 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12198 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a...
High | Unreviewed | CVE-2024-12179 was published Dec 17, 2024
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12192 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12199 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12191 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory...
High | Unreviewed | CVE-2024-12194 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory...
High | Unreviewed | CVE-2024-12178 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12197 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API.