Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

255,762 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47387 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47390 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47391 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44034 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-47309 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44018 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-47323 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47631 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47632 was published Oct 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47647 was published Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a... Moderate Unreviewed
CVE-2024-47635 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44016 was published Oct 5, 2024
The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to limited file... Moderate Unreviewed
CVE-2024-9417 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44015 was published Oct 5, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9161 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44013 was published Oct 5, 2024
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9314 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44011 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-44012 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-9146 was published Oct 5, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2024-44014 was published Oct 5, 2024
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin... Moderate Unreviewed
CVE-2024-8743 was published Oct 5, 2024
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This... High Unreviewed
CVE-2024-9532 was published Oct 5, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-8486 was published Oct 5, 2024
Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. Critical Unreviewed
CVE-2024-24142 was published Feb 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database