GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,868

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,086 advisories

Filter by severity

Sort by

Least recently updated

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-8271 was published Sep 16, 2024

Azure CycleCloud Remote Code Execution Vulnerability High Unreviewed

CVE-2024-43469 was published Sep 10, 2024

The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to... High Unreviewed

CVE-2024-8268 was published Sep 10, 2024

The The Affiliate Super Assistent plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-8478 was published Sep 10, 2024

AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url... High Unreviewed

CVE-2024-44724 was published Sep 9, 2024

A code injection vulnerability that allows a low-privileged user with REST API access granted to... High Unreviewed

CVE-2024-39715 was published Sep 7, 2024

A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC... High Unreviewed

CVE-2024-38651 was published Sep 7, 2024

The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0... High Unreviewed

CVE-2024-7627 was published Sep 5, 2024

An issue in the js_localize.php function of LimeSurvey v6.6.2 and before allows attackers to... High Unreviewed

CVE-2024-42902 was published Sep 3, 2024

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit... High Unreviewed

CVE-2024-7345 was published Sep 3, 2024

UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via... High Unreviewed

CVE-2024-8374 was published Sep 3, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This... High Unreviewed

CVE-2023-26322 was published Aug 28, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This... High Unreviewed

CVE-2023-26324 was published Aug 28, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This... High Unreviewed

CVE-2024-45346 was published Aug 28, 2024

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed

CVE-2024-7656 was published Aug 24, 2024

An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1... High Unreviewed

CVE-2024-42845 was published Aug 23, 2024

An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-42756 was published Aug 23, 2024

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below... High Unreviewed

CVE-2024-5466 was published Aug 23, 2024

The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-7559 was published Aug 23, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... High Unreviewed

CVE-2024-42599 was published Aug 22, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command... High Unreviewed

CVE-2024-42739 was published Aug 13, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command... High Unreviewed

CVE-2024-42745 was published Aug 12, 2024

A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote... High Unreviewed

CVE-2024-5651 was published Aug 12, 2024

A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live... High Unreviewed

CVE-2024-40487 was published Aug 12, 2024

Improper validation in a model specific register (MSR) could allow a malicious program with ring0... High Unreviewed

CVE-2023-31315 was published Aug 12, 2024

Previous 1 2 3 4 5 6 7 … 83 84 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,086 advisories