GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
113,770 advisories
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-9049 was published Sep 27, 2024
Products for macOS enables a user logged on to the system to perform a denial-of-service attack,...
Moderate | Unreviewed | CVE-2024-6654 was published Sep 27, 2024
Improper Certificate Validation in Checkmk Exchange plugin MikroTik allows attackers in MitM...
Moderate | Unreviewed | CVE-2024-38861 was published Sep 27, 2024
The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-8965 was published Sep 27, 2024
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks...
Moderate | Unreviewed | CVE-2024-7714 was published Sep 27, 2024
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users...
Moderate | Unreviewed | CVE-2024-8118 was published Sep 26, 2024
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting...
Moderate | Unreviewed | CVE-2024-45986 was published Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management...
Moderate | Unreviewed | CVE-2024-45984 was published Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation...
Moderate | Unreviewed | CVE-2024-45985 was published Sep 26, 2024
The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional...
Moderate | Unreviewed | CVE-2024-47123 was published Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static...
Moderate | Unreviewed | CVE-2024-45374 was published Sep 26, 2024
The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted messages without any...
Moderate | Unreviewed | CVE-2024-43108 was published Sep 26, 2024
In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any...
Moderate | Unreviewed | CVE-2024-41722 was published Sep 26, 2024
In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message...
Moderate | Unreviewed | CVE-2024-47127 was published Sep 26, 2024
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of...
Moderate | Unreviewed | CVE-2024-47128 was published Sep 26, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of...
Moderate | Unreviewed | CVE-2024-47129 was published Sep 26, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate | Unreviewed | CVE-2024-47122 was published Sep 26, 2024
The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast...
Moderate | Unreviewed | CVE-2024-47121 was published Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static...
Moderate | Unreviewed | CVE-2024-43694 was published Sep 26, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell...
Moderate | Unreviewed | CVE-2024-41715 was published Sep 26, 2024
goTenna Pro ATAK Plugin by default enables frequent unencrypted Position, Location and...
Moderate | Unreviewed | CVE-2024-43814 was published Sep 26, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate | Unreviewed | CVE-2024-45989 was published Sep 26, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management...
Moderate | Unreviewed | CVE-2024-45983 was published Sep 26, 2024
Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.
Moderate | Unreviewed | CVE-2024-46632 was published Sep 26, 2024
The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the...
Moderate | Unreviewed | CVE-2024-41931 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API.