GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,123 advisories
Filter by severity
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High
Unreviewed
CVE-2024-9627
was published
Oct 22, 2024
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions...
High
Unreviewed
CVE-2024-9987
was published
Oct 22, 2024
A post-authentication arbitrary file read vulnerability within the server plugins section in...
High
Unreviewed
CVE-2024-35308
was published
Oct 22, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization ...
High
Unreviewed
CVE-2024-48645
was published
Oct 21, 2024
Online Clinic Management System v1.0 was discovered to contain a SQL injection vulnerability via...
High
Unreviewed
CVE-2024-48597
was published
Oct 21, 2024
A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation....
High
Unreviewed
CVE-2024-6519
was published
Oct 21, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-47328
was published
Oct 21, 2024
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using...
High
Unreviewed
CVE-2024-8625
was published
Oct 21, 2024
Administrative Management System from Wellchoose does not properly validate uploaded file types,...
High
Unreviewed
CVE-2024-10201
was published
Oct 21, 2024
Administrative Management System from Wellchoose has an OS Command Injection vulnerability,...
High
Unreviewed
CVE-2024-10202
was published
Oct 21, 2024
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing...
High
Unreviewed
CVE-2024-10200
was published
Oct 21, 2024
Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. By processing...
High
Unreviewed
CVE-2024-43689
was published
Oct 21, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49612
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49613
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49609
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind...
High
Unreviewed
CVE-2024-49615
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind...
High
Unreviewed
CVE-2024-49617
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49614
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49616
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49619
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49618
was published
Oct 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-49620
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows...
High
Unreviewed
CVE-2024-49629
was published
Oct 20, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High
Unreviewed
CVE-2024-44061
was published
Oct 20, 2024
ProTip!
Advisories are also available from the
GraphQL API