GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,849 advisories
In drm service, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate
Unreviewed
CVE-2024-39433
was published
Sep 27, 2024
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-8991
was published
Sep 27, 2024
In Logmanager service, there is a possible missing verification incorrect input. This could lead...
Moderate
Unreviewed
CVE-2024-39435
was published
Sep 27, 2024
The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-8965
was published
Sep 27, 2024
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks...
Moderate
Unreviewed
CVE-2024-7714
was published
Sep 27, 2024
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting...
Moderate
Unreviewed
CVE-2024-45986
was published
Sep 26, 2024
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users...
Moderate
Unreviewed
CVE-2024-8118
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static...
Moderate
Unreviewed
CVE-2024-45374
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted messages without any...
Moderate
Unreviewed
CVE-2024-43108
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin there is a vulnerability that makes it possible to inject any...
Moderate
Unreviewed
CVE-2024-41722
was published
Sep 26, 2024
In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message...
Moderate
Unreviewed
CVE-2024-47127
was published
Sep 26, 2024
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of...
Moderate
Unreviewed
CVE-2024-47128
was published
Sep 26, 2024
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of...
Moderate
Unreviewed
CVE-2024-47129
was published
Sep 26, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the...
Moderate
Unreviewed
CVE-2024-47122
was published
Sep 26, 2024
The goTenna Pro series uses a weak password for the QR broadcast message. If the QR broadcast...
Moderate
Unreviewed
CVE-2024-47121
was published
Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static...
Moderate
Unreviewed
CVE-2024-43694
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell...
Moderate
Unreviewed
CVE-2024-41715
was published
Sep 26, 2024
goTenna Pro ATAK Plugin by default enables frequent unencrypted Position, Location and...
Moderate
Unreviewed
CVE-2024-43814
was published
Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management...
Moderate
Unreviewed
CVE-2024-45984
was published
Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation...
Moderate
Unreviewed
CVE-2024-45985
was published
Sep 26, 2024
The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional...
Moderate
Unreviewed
CVE-2024-47123
was published
Sep 26, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate
Unreviewed
CVE-2024-45989
was published
Sep 26, 2024
A flaw was found in oVirt. A user with administrator privileges, including users with the...
Moderate
Unreviewed
CVE-2024-7259
was published
Sep 26, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate
Unreviewed
CVE-2024-8771
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the...
Moderate
Unreviewed
CVE-2024-41931
was published
Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API