GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100,254 advisories
Filter by severity
The The7 — Website and eCommerce Builder for WordPress theme for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-5451
was published
Jun 25, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-32111
was published
Jun 25, 2024
WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions...
Moderate
Unreviewed
CVE-2024-6307
was published
Jun 25, 2024
Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2...
Moderate
Unreviewed
CVE-2024-28832
was published
Jun 25, 2024
Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows...
Moderate
Unreviewed
CVE-2024-28831
was published
Jun 25, 2024
WordPress Core is vulnerable to Stored Cross-Site Scripting via the Template Part Block in...
Moderate
Unreviewed
CVE-2024-6305
was published
Jun 25, 2024
WordPress Core is vulnerable to Directory Traversal in various versions up to 6.5.5 via the...
Moderate
Unreviewed
CVE-2024-6306
was published
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
Moderate
Unreviewed
CVE-2024-4641
was published
Jun 25, 2024
The Zita Elementor Site Library plugin for WordPress is vulnerable to unauthorized modification...
Moderate
Unreviewed
CVE-2024-3249
was published
Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site...
Moderate
Unreviewed
CVE-2024-34141
was published
Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site...
Moderate
Unreviewed
CVE-2024-34142
was published
Jun 25, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows...
Moderate
Unreviewed
CVE-2024-22385
was published
Jun 25, 2024
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF)...
Moderate
Unreviewed
CVE-2021-45785
was published
Jun 24, 2024
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft...
Moderate
Unreviewed
CVE-2024-37679
was published
Jun 24, 2024
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site...
Moderate
Unreviewed
CVE-2024-37680
was published
Jun 24, 2024
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2024-37732
was published
Jun 24, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It...
Moderate
Unreviewed
CVE-2024-33880
was published
Jun 24, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate
Unreviewed
CVE-2024-33881
was published
Jun 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
um: Add winch to...
Moderate
Unreviewed
CVE-2024-39292
was published
Jun 24, 2024
Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly...
Moderate
Unreviewed
CVE-2024-37233
was published
Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function...
Moderate
Unreviewed
CVE-2024-4839
was published
Jun 24, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross...
Moderate
Unreviewed
CVE-2024-36038
was published
Jun 24, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-4754
was published
Jun 24, 2024
A vulnerability, which was classified as critical, has been found in lahirudanushka School...
Moderate
Unreviewed
CVE-2024-6276
was published
Jun 24, 2024
ProTip!
Advisories are also available from the
GraphQL API