GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113,770 advisories
Filter by severity
A vulnerability classified as problematic has been found in SourceCodester Online Railway...
Moderate
Unreviewed
CVE-2024-9299
was published
Sep 28, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9298
was published
Sep 28, 2024
The WP MultiTasking – WP Utilities plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8189
was published
Sep 28, 2024
A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation...
Moderate
Unreviewed
CVE-2024-9300
was published
Sep 28, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9297
was published
Sep 28, 2024
Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2024-23924
was published
Sep 28, 2024
Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This...
Moderate
Unreviewed
CVE-2024-23961
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass...
Moderate
Unreviewed
CVE-2024-23958
was published
Sep 28, 2024
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2024-23960
was published
Sep 28, 2024
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9296
was published
Sep 28, 2024
A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified...
Moderate
Unreviewed
CVE-2024-9295
was published
Sep 28, 2024
The GTM Server Side plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8712
was published
Sep 28, 2024
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8788
was published
Sep 28, 2024
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8715
was published
Sep 28, 2024
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-9189
was published
Sep 28, 2024
The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-8547
was published
Sep 28, 2024
The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-9023
was published
Sep 28, 2024
A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to...
Moderate
Unreviewed
CVE-2024-9294
was published
Sep 28, 2024
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain...
Moderate
Unreviewed
CVE-2024-23586
was published
Sep 28, 2024
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate
CVE-2024-47003
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Sep 26, 2024
LdapCherry Cross-site Scripting vulnerbaility
Moderate
CVE-2019-25095
was published
for
ldapcherry
(pip)
Jan 5, 2023
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
The configuration file stores credentials in cleartext. An attacker with local access rights can...
Moderate
Unreviewed
CVE-2024-6785
was published
Sep 21, 2024
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute...
Moderate
Unreviewed
CVE-2024-25411
was published
Sep 27, 2024
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an...
Moderate
Unreviewed
CVE-2023-39209
was published
Aug 9, 2023
ProTip!
Advisories are also available from the
GraphQL API