GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,214
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 37

Unreviewed advisories

All unreviewed 243,541

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

847 advisories

Filter by severity

Sort by

Least recently updated

An issue in RAR Extractor - Unarchiver Free and Pro v.6.4.0 allows local attackers to inject... Moderate Unreviewed

CVE-2024-55504 was published Jan 21, 2025

In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by... Moderate Unreviewed

CVE-2024-40673 was published Jan 28, 2025

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly... Moderate Unreviewed

CVE-2024-6923 was published Aug 1, 2024

The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed

CVE-2024-12415 was published Jan 31, 2025

A improper neutralization of special elements used in a template engine [CWE-1336] in... Moderate Unreviewed

CVE-2023-47542 was published Apr 9, 2024

** DISPUTED ** PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3... Moderate Unreviewed

CVE-2006-6975 was published May 1, 2022

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with... Moderate Unreviewed

CVE-2005-1876 was published May 1, 2022

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10970 was published Jan 16, 2025

Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,... Moderate Unreviewed

CVE-2024-28005 was published Mar 28, 2024

SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted... Moderate Unreviewed

CVE-2025-0060 was published Jan 14, 2025

MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability... Moderate Unreviewed

CVE-2024-54997 was published Jan 10, 2025

MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name... Moderate Unreviewed

CVE-2024-54999 was published Jan 13, 2025

In Code-Projects Online Car Rental System 1.0, the file upload feature does not validate file... Moderate Unreviewed

CVE-2024-57487 was published Jan 13, 2025

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-12789 was published Dec 19, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote... Moderate Unreviewed

CVE-2024-25706 was published Apr 4, 2024

Vulnerability of improper access control in the home screen widget module Impact: Successful... Moderate Unreviewed

CVE-2024-56448 was published Jan 8, 2025

A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic.... Moderate Unreviewed

CVE-2025-0295 was published Jan 7, 2025

The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is... Moderate Unreviewed

CVE-2024-12419 was published Jan 7, 2025

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed

CVE-2023-6601 was published Jan 6, 2025

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed

CVE-2023-6604 was published Jan 6, 2025

The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is... Moderate Unreviewed

CVE-2024-12238 was published Dec 29, 2024

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26)... Moderate Unreviewed

CVE-2024-12908 was published Dec 26, 2024

An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an... Moderate Unreviewed

CVE-2024-55918 was published Dec 13, 2024

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed

CVE-2024-37773 was published Dec 17, 2024

The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2024-11012 was published Dec 13, 2024

Previous 1 2 3 4 5 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

847 advisories