Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

255,762 advisories

Loading
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to... Moderate Unreviewed
CVE-2024-28835 was published Mar 21, 2024
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Moderate
CVE-2024-30045 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) May 14, 2024
IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00... Moderate Unreviewed
CVE-2024-41781 was published Nov 22, 2024
A potential security vulnerability has been identified in the HPE NonStop DISK UTIL (T9208)... Moderate Unreviewed
CVE-2024-51766 was published Nov 22, 2024
IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote... Critical Unreviewed
CVE-2024-41779 was published Nov 22, 2024
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8373 was published for angular (npm) Sep 9, 2024
Possible out of bound access in audio module due to lack of validation of user provided input. Moderate Unreviewed
CVE-2021-30299 was published Nov 22, 2024
Certain unprivileged processes are able to perform IOCTL calls. Moderate Unreviewed
CVE-2017-9711 was published Nov 22, 2024
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non... Moderate Unreviewed
CVE-2024-22020 was published Jul 9, 2024
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept... Moderate Unreviewed
CVE-2023-7008 was published Dec 23, 2023
Undertow Path Traversal vulnerability Moderate
CVE-2024-1459 was published for io.undertow:undertow-core (Maven) Feb 12, 2024
OrangeDog
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a... High Unreviewed
CVE-2022-1304 was published Apr 15, 2022
Grafana's users with permissions to create a data source can CRUD all data sources High
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
A vulnerability has been identified in Node.js, affecting users of the experimental permission... Low Unreviewed
CVE-2024-36137 was published Sep 7, 2024
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8372 was published for angular (npm) Sep 9, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post... High Unreviewed
CVE-2024-11104 was published Nov 22, 2024
The Control horas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-11381 was published Nov 22, 2024
The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does... Unknown Unreviewed
CVE-2024-9422 was published Nov 22, 2024
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10666 was published Nov 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-7837 was published Nov 22, 2024
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11225 was published Nov 22, 2024
The MailMunch – Grow your Email List plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8735 was published Nov 22, 2024
The Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post... High Unreviewed
CVE-2024-11601 was published Nov 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2024-7882 was published Nov 22, 2024
The Ultimate YouTube Video & Shorts Player With Vimeo plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11355 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database