Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117,844 advisories

Loading
A potential security vulnerability has been identified in the HPE NonStop DISK UTIL (T9208)... Moderate Unreviewed
CVE-2024-51766 was published Nov 22, 2024
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00... Moderate Unreviewed
CVE-2024-41781 was published Nov 22, 2024
Possible out of bound access in audio module due to lack of validation of user provided input. Moderate Unreviewed
CVE-2021-30299 was published Nov 22, 2024
Certain unprivileged processes are able to perform IOCTL calls. Moderate Unreviewed
CVE-2017-9711 was published Nov 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2024-7882 was published Nov 22, 2024
The Control horas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-11381 was published Nov 22, 2024
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10666 was published Nov 22, 2024
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11225 was published Nov 22, 2024
The MailMunch – Grow your Email List plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8735 was published Nov 22, 2024
The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11355 was published Nov 22, 2024
The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and... Moderate Unreviewed
CVE-2024-10034 was published Nov 22, 2024
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed
CVE-2024-39290 was published Nov 22, 2024
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System... Moderate Unreviewed
CVE-2024-45837 was published Nov 22, 2024
AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed
CVE-2024-47142 was published Nov 22, 2024
Dell Edge Gateway 5200 (Coffee Lake S), versions prior to 12.0.94.2380, contains an Exposure of... Moderate Unreviewed
CVE-2024-38296 was published Nov 22, 2024
The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress... Moderate Unreviewed
CVE-2024-10482 was published Nov 22, 2024
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an... Moderate Unreviewed
CVE-2024-52054 was published Nov 22, 2024
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an... Moderate Unreviewed
CVE-2024-52056 was published Nov 22, 2024
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating... Moderate Unreviewed
CVE-2024-5029 was published Nov 22, 2024
SFTPGo allows administrators to restrict command execution from the EventManager Moderate
CVE-2024-52309 was published for github.com/drakkan/sftpgo/v2 (Go) Nov 21, 2024
hyperreality
Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable... Moderate Unreviewed
CVE-2024-49588 was published Nov 21, 2024
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'load_orders... Moderate Unreviewed
CVE-2024-9828 was published Nov 21, 2024
Searching Opencast may cause a denial of service Moderate
CVE-2024-52797 was published for org.opencastproject:opencast-elasticsearch-impl (Maven) Nov 20, 2024
cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs Moderate
GHSA-r4pg-vg54-wxx4 was published for github.com/cert-manager/cert-manager (Go) Nov 20, 2024
A vulnerability classified as problematic has been found in 115cms up to 20240807. This affects... Moderate Unreviewed
CVE-2024-11492 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database