GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,901 advisories
Filter by severity
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large...
Moderate
Unreviewed
CVE-2024-9199
was published
Sep 26, 2024
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress...
Moderate
Unreviewed
CVE-2024-8633
was published
Sep 26, 2024
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security...
Moderate
Unreviewed
CVE-2024-7107
was published
Sep 26, 2024
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST...
Moderate
Unreviewed
CVE-2024-47044
was published
Sep 26, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8861
was published
Sep 26, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8872
was published
Sep 26, 2024
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-9025
was published
Sep 26, 2024
Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of...
Moderate
Unreviewed
CVE-2024-47337
was published
Sep 26, 2024
An information disclosure issue has been discovered in GitLab EE affecting all versions starting...
Moderate
Unreviewed
CVE-2024-4278
was published
Sep 26, 2024
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to...
Moderate
Unreviewed
CVE-2024-42406
was published
Sep 26, 2024
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup...
Moderate
Unreviewed
CVE-2023-52950
was published
Sep 26, 2024
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of...
Moderate
Unreviewed
CVE-2024-0133
was published
Sep 26, 2024
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active...
Moderate
Unreviewed
CVE-2023-52948
was published
Sep 26, 2024
Missing authentication for critical function vulnerability in proxy settings functionality in...
Moderate
Unreviewed
CVE-2023-52949
was published
Sep 26, 2024
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in...
Moderate
Unreviewed
CVE-2022-49040
was published
Sep 26, 2024
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup...
Moderate
Unreviewed
CVE-2022-49041
was published
Sep 26, 2024
Insertion of sensitive information into log file vulnerability in proxy settings component in...
Moderate
Unreviewed
CVE-2022-49037
was published
Sep 26, 2024
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive...
Moderate
Unreviewed
CVE-2022-49039
was published
Sep 26, 2024
Missing authentication for critical function vulnerability in logout functionality in Synology...
Moderate
Unreviewed
CVE-2023-52947
was published
Sep 26, 2024
Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share...
Moderate
Unreviewed
CVE-2024-47330
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-8405
was published
Sep 26, 2024
The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8803
was published
Sep 26, 2024
The 012 Ps Multi Languages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8723
was published
Sep 26, 2024
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate
Unreviewed
CVE-2024-8552
was published
Sep 26, 2024
Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2023-51157
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API