Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

93,901 advisories

Loading
Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects... High Unreviewed
CVE-2024-54381 was published Dec 18, 2024
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in... High Unreviewed
CVE-2024-12741 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56047 was published Dec 18, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin... High Unreviewed
CVE-2024-55088 was published Dec 18, 2024
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox... High Unreviewed
CVE-2024-49576 was published Dec 18, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page... High Unreviewed
CVE-2024-47810 was published Dec 18, 2024
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-48889 was published Dec 18, 2024
An OS command injection vulnerability exists in the web interface configuration upload... High Unreviewed
CVE-2024-21786 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55983 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55975 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55984 was published Dec 18, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2024-54270 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-51646 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55985 was published Dec 18, 2024
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality... High Unreviewed
CVE-2024-56008 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56016 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-54350 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56010 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49677 was published Dec 18, 2024
The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL... High Unreviewed
CVE-2024-11912 was published Dec 18, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary... High Unreviewed
CVE-2024-39703 was published Dec 18, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2024-53688 was published Dec 18, 2024
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE... High Unreviewed
CVE-2024-47397 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database