GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,705
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
108,325 advisories
The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings,...
Moderate
Unreviewed
CVE-2024-10104 was published Nov 15, 2024
The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin...
Moderate
Unreviewed
CVE-2024-9529 was published Nov 15, 2024
Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote...
Moderate
Unreviewed
CVE-2024-50800 was published Nov 15, 2024
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a...
Moderate
Unreviewed
CVE-2024-34397 was published May 7, 2024
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php.
Moderate
Unreviewed
CVE-2024-30872 was published Apr 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
octeon_ep: Add SKB...
Moderate
Unreviewed
CVE-2024-50145 was published Nov 7, 2024
A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause...
Moderate
Unreviewed
CVE-2024-49776 was published Nov 15, 2024
A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1...
Moderate
Unreviewed
CVE-2024-11259 was published Nov 15, 2024
A security bypass vulnerability exists in the Removable Media Encryption (RME) component of...
Moderate
Unreviewed
CVE-2024-3334 was published Nov 15, 2024
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability...
Moderate
Unreviewed
CVE-2024-49536 was published Nov 15, 2024
Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows an attacker to execute...
Moderate
Unreviewed
CVE-2024-51142 was published Nov 15, 2024
The web interface in RSA NetWitness 11.7.2.0 allows Cross-Site Scripting (XSS) via the Where...
Moderate
Unreviewed
CVE-2024-23169 was published Nov 15, 2024
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management...
Moderate
Unreviewed
CVE-2024-11258 was published Nov 15, 2024
A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when...
Moderate
Unreviewed
CVE-2024-11217 was published Nov 15, 2024
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management...
Moderate
Unreviewed
CVE-2024-11257 was published Nov 15, 2024
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-11256 was published Nov 15, 2024
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to...
Moderate
Unreviewed
CVE-2024-42680 was published Aug 15, 2024
A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to...
Moderate
Unreviewed
CVE-2024-41217 was published Nov 15, 2024
A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to...
Moderate
Unreviewed
CVE-2024-41206 was published Nov 15, 2024
Cross Site Scripting vulnerability in Virtuozzo Hybrid Server for WHMCS Open Source v.1.7.1...
Moderate
Unreviewed
CVE-2024-40579 was published Nov 15, 2024
Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before...
Moderate
Unreviewed
CVE-2021-29038 was published Feb 21, 2024
An issue in uverif v.2.0 allows a remote attacker to obtain sensitive information.
Moderate
Unreviewed
CVE-2024-26559 was published Feb 29, 2024
VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor...
Moderate
Unreviewed
CVE-2024-22266 was published May 8, 2024
Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to...
Moderate
Unreviewed
CVE-2024-0407 was published Feb 21, 2024
A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-11127 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API.