GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113,770 advisories
Filter by severity
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-7629
was published
Aug 21, 2024
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate
Unreviewed
CVE-2024-6337
was published
Aug 20, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the...
Moderate
Unreviewed
CVE-2023-6533
was published
Feb 21, 2024
The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2024-6850
was published
Sep 13, 2024
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank...
Moderate
Unreviewed
CVE-2024-9040
was published
Sep 20, 2024
The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-8093
was published
Sep 17, 2024
A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint...
Moderate
Unreviewed
CVE-2023-5310
was published
Dec 15, 2023
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and...
Moderate
Unreviewed
CVE-2023-6640
was published
Feb 21, 2024
Advantech ADAM-5630 shares user credentials plain text between the device and the user source...
Moderate
Unreviewed
CVE-2024-34542
was published
Sep 27, 2024
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64...
Moderate
Unreviewed
CVE-2024-37187
was published
Sep 27, 2024
TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML...
Moderate
Unreviewed
CVE-2024-45745
was published
Sep 27, 2024
Cross Site Scripting vulnerability in CodeAstro Membership Management System 1.0 allows attackers...
Moderate
Unreviewed
CVE-2024-46470
was published
Sep 27, 2024
An authenticated cross-site scripting (XSS) vulnerability in Piwigo v14.5.0 allows attackers to...
Moderate
Unreviewed
CVE-2024-46333
was published
Sep 27, 2024
A null-dereference vulnerability involving parsing requests specifying invalid protocols can...
Moderate
Unreviewed
CVE-2024-45863
was published
Sep 27, 2024
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks...
Moderate
Unreviewed
CVE-2024-7714
was published
Sep 27, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate
Unreviewed
CVE-2024-45989
was published
Sep 26, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-9082
was published
Sep 22, 2024
The Review Ratings WordPress plugin through 1.6 does not have CSRF check in some places, and is...
Moderate
Unreviewed
CVE-2024-8052
was published
Sep 17, 2024
The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places,...
Moderate
Unreviewed
CVE-2024-8051
was published
Sep 17, 2024
The Enhanced Search Box WordPress plugin through 0.6.1 does not have CSRF check in place when...
Moderate
Unreviewed
CVE-2024-8091
was published
Sep 17, 2024
The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places,...
Moderate
Unreviewed
CVE-2024-8092
was published
Sep 17, 2024
The Vikinghammer Tweet WordPress plugin through 0.2.4 does not have CSRF check in some places,...
Moderate
Unreviewed
CVE-2024-8043
was published
Sep 17, 2024
The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its...
Moderate
Unreviewed
CVE-2024-5170
was published
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API