GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,678
NuGet: 645
pip: 3,297
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,123 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-47325 was published Oct 20, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows...
High | Unreviewed | CVE-2024-49335 was published Oct 20, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS...
High | Unreviewed | CVE-2024-49605 was published Oct 20, 2024

Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows...
High | Unreviewed | CVE-2024-49608 was published Oct 20, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Apa APA Register Newsletter Form allows SQL...
High | Unreviewed | CVE-2024-49621 was published Oct 20, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Apa Apa Banner Slider allows SQL Injection...
High | Unreviewed | CVE-2024-49622 was published Oct 20, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-49623 was published Oct 20, 2024

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been...
High | Unreviewed | CVE-2024-10194 was published Oct 20, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49323 was published Oct 20, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49334 was published Oct 20, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49606 was published Oct 20, 2024

Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are...
High | Unreviewed | CVE-2024-21536 was published Oct 19, 2024

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability...
High | Unreviewed | CVE-2024-10130 was published Oct 19, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High | Unreviewed | CVE-2024-29821 was published Oct 19, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High | Unreviewed | CVE-2024-29213 was published Oct 19, 2024

A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by...
High | Unreviewed | CVE-2024-10123 was published Oct 18, 2024

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High | Unreviewed | CVE-2024-9593 was published Oct 18, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2024-49243 was published Oct 18, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49240 was published Oct 18, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49238 was published Oct 18, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49239 was published Oct 18, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-49224 was published Oct 18, 2024

The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification,...
High | Unreviewed | CVE-2024-10078 was published Oct 18, 2024

The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High | Unreviewed | CVE-2024-10079 was published Oct 18, 2024

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High | Unreviewed | CVE-2023-49570 was published Oct 18, 2024
ProTip! Advisories are also available from the GraphQL API.