GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,995

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,849 advisories

Filter by severity

Sort by

Least recently updated

In drm service, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed

CVE-2024-39433 was published Sep 27, 2024

The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-8991 was published Sep 27, 2024

In Logmanager service, there is a possible missing verification incorrect input. This could lead... Moderate Unreviewed

CVE-2024-39435 was published Sep 27, 2024

The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-8965 was published Sep 27, 2024

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks... Moderate Unreviewed

CVE-2024-7714 was published Sep 27, 2024

A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting... Moderate Unreviewed

CVE-2024-45986 was published Sep 26, 2024

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users... Moderate Unreviewed

CVE-2024-8118 was published Sep 26, 2024

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed

CVE-2024-45374 was published Sep 26, 2024

The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted messages without any... Moderate Unreviewed

CVE-2024-43108 was published Sep 26, 2024

In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any... Moderate Unreviewed

CVE-2024-41722 was published Sep 26, 2024

In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message... Moderate Unreviewed

CVE-2024-47127 was published Sep 26, 2024

The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of... Moderate Unreviewed

CVE-2024-47128 was published Sep 26, 2024

The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of... Moderate Unreviewed

CVE-2024-47129 was published Sep 26, 2024

In the goTenna Pro application, the encryption keys are stored along with a static IV on the... Moderate Unreviewed

CVE-2024-47122 was published Sep 26, 2024

The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast... Moderate Unreviewed

CVE-2024-47121 was published Sep 26, 2024

In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed

CVE-2024-43694 was published Sep 26, 2024

The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell... Moderate Unreviewed

CVE-2024-41715 was published Sep 26, 2024

goTenna Pro ATAK Plugin by default enables frequent unencrypted Position, Location and... Moderate Unreviewed

CVE-2024-43814 was published Sep 26, 2024

A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management... Moderate Unreviewed

CVE-2024-45984 was published Sep 26, 2024

A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation... Moderate Unreviewed

CVE-2024-45985 was published Sep 26, 2024

The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional... Moderate Unreviewed

CVE-2024-47123 was published Sep 26, 2024

Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information... Moderate Unreviewed

CVE-2024-45989 was published Sep 26, 2024

A flaw was found in oVirt. A user with administrator privileges, including users with the... Moderate Unreviewed

CVE-2024-7259 was published Sep 26, 2024

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed

CVE-2024-8771 was published Sep 26, 2024

The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the... Moderate Unreviewed

CVE-2024-41931 was published Sep 26, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,849 advisories