GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,995 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35736
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35734
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35732
was published
Jun 8, 2024
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be...
High
Unreviewed
CVE-2024-37408
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35730
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35731
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35755
was published
Jun 8, 2024
A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue...
Low
Unreviewed
CVE-2024-5766
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35753
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35756
was published
Jun 8, 2024
The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5758
was published
Jun 8, 2024
The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-5654
was published
Jun 8, 2024
The Salon booking system plugin for WordPress is vulnerable to unauthorized access and...
Moderate
Unreviewed
CVE-2024-4468
was published
Jun 8, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
High
Unreviewed
CVE-2024-5091
was published
Jun 8, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-3668
was published
Jun 8, 2024
The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-4661
was published
Jun 8, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’...
Moderate
Unreviewed
CVE-2024-5613
was published
Jun 8, 2024
The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5087
was published
Jun 8, 2024
The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-5770
was published
Jun 8, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’...
Moderate
Unreviewed
CVE-2024-5638
was published
Jun 8, 2024
The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-5663
was published
Jun 8, 2024
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-0444
was published
Jun 8, 2024
Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a...
High
Unreviewed
CVE-2024-1694
was published
Jun 7, 2024
Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a...
High
Unreviewed
CVE-2023-7261
was published
Jun 7, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High
Unreviewed
CVE-2023-49224
was published
Jun 7, 2024
ProTip!
Advisories are also available from the
GraphQL API