GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
240,683 advisories
Filter by severity
SciPy creates insecure temporary directories
High
CVE-2013-4251
was published
for
scipy
(pip)
May 5, 2022
koji hub allows arbitrary upload destinations
Moderate
CVE-2019-17109
was published
for
koji
(pip)
May 24, 2022
Home Assistant information disclosure vulnerability
High
CVE-2018-21019
was published
for
homeassistant
(pip)
May 24, 2022
OpenStack Nova Server Resource Faults Leak External Exception Details
Moderate
CVE-2019-14433
was published
for
nova
(pip)
May 24, 2022
Unauthorized privilege escalation in Mod module
Moderate
CVE-2020-15278
was published
for
red-discordbot
(pip)
Oct 27, 2020
Duplicate Advisory: Unauthorized privilege escalation in Mod module
High
GHSA-q886-75m2-vff8
was published
for
red-discordbot
(pip)
May 24, 2022
•
withdrawn
Openstack ironic-inspector has SQL injection vulnerability in node_cache
High
CVE-2019-10141
was published
for
ironic-inspector
(pip)
May 24, 2022
LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
High
CVE-2019-12887
was published
for
LinOTP
(pip)
May 24, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video...
Moderate
Unreviewed
CVE-2024-33584
was published
Apr 29, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta...
Moderate
Unreviewed
CVE-2024-33575
was published
Apr 29, 2024
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue...
Moderate
Unreviewed
CVE-2024-33641
was published
Apr 29, 2024
Missing Authorization vulnerability in ProFaceOff SSU.This issue affects SSU: from n/a through 1...
High
Unreviewed
CVE-2024-33597
was published
Apr 29, 2024
Missing Authorization vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS...
Moderate
Unreviewed
CVE-2024-33684
was published
Apr 29, 2024
Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue...
High
Unreviewed
CVE-2024-33635
was published
Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This...
Moderate
Unreviewed
CVE-2024-33634
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33544
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33546
was published
Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto...
Moderate
Unreviewed
CVE-2024-33629
was published
Apr 29, 2024
Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate...
High
Unreviewed
CVE-2024-33637
was published
Apr 29, 2024
Missing Authorization vulnerability in Real Big Plugins Client Dash.This issue affects Client...
Moderate
Unreviewed
CVE-2024-33652
was published
Apr 29, 2024
Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects...
Moderate
Unreviewed
CVE-2024-33636
was published
Apr 29, 2024
Missing Authorization vulnerability in Five Star Plugins Five Star Restaurant Reservations.This...
Moderate
Unreviewed
CVE-2024-33596
was published
Apr 29, 2024
Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore...
Critical
Unreviewed
CVE-2024-33553
was published
Apr 29, 2024
A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14....
Moderate
Unreviewed
CVE-2024-3192
was published
Apr 29, 2024
ProTip!
Advisories are also available from the
GraphQL API