GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,852 advisories
A flaw was found in oVirt. A user with administrator privileges, including users with the...
Moderate | Unreviewed | CVE-2024-7259 was published Sep 26, 2024

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate | Unreviewed | CVE-2024-8771 was published Sep 26, 2024

The goTenna Pro ATAK Plugin broadcast key name is always sent unencrypted and could reveal the...
Moderate | Unreviewed | CVE-2024-41931 was published Sep 26, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management...
Moderate | Unreviewed | CVE-2024-45983 was published Sep 26, 2024

Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function.
Moderate | Unreviewed | CVE-2024-46632 was published Sep 26, 2024

The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially...
Moderate | Unreviewed | CVE-2024-30134 was published Sep 26, 2024

Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to...
Moderate | Unreviewed | CVE-2024-9155 was published Sep 26, 2024

The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-9177 was published Sep 26, 2024

An issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access...
Moderate | Unreviewed | CVE-2024-46327 was published Sep 26, 2024

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to...
Moderate | Unreviewed | CVE-2024-31899 was published Sep 26, 2024

IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file...
Moderate | Unreviewed | CVE-2023-46175 was published Sep 26, 2024

Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various...
Moderate | Unreviewed | CVE-2024-8725 was published Sep 26, 2024

The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate | Unreviewed | CVE-2024-9117 was published Sep 26, 2024

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-9127 was published Sep 26, 2024

Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large...
Moderate | Unreviewed | CVE-2024-9199 was published Sep 26, 2024

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress...
Moderate | Unreviewed | CVE-2024-8633 was published Sep 26, 2024

Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate | Unreviewed | CVE-2024-7107 was published Sep 26, 2024

The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate | Unreviewed | CVE-2024-9173 was published Sep 26, 2024

The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-9115 was published Sep 26, 2024

The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate | Unreviewed | CVE-2024-9125 was published Sep 26, 2024

Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST...
Moderate | Unreviewed | CVE-2024-47044 was published Sep 26, 2024

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-8861 was published Sep 26, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate | Unreviewed | CVE-2024-8872 was published Sep 26, 2024

The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-9025 was published Sep 26, 2024

Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite. This issue affects Joy Of...
Moderate | Unreviewed | CVE-2024-47337 was published Sep 26, 2024

ProTip! Advisories are also available from the GraphQL API