GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,253
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,725
NuGet: 662
pip: 3,402
Pub: 12
RubyGems: 890
Rust: 861
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236,667 advisories
Insufficient validation of filenames against control characters in Apache Subversion repositories...
Low | Unreviewed | CVE-2024-46901 was published Dec 9, 2024

Multiple access control vulnerabilities in Unifiedtransform version 2.0 and potentially earlier...
Moderate | Unreviewed | CVE-2024-12306 was published Dec 9, 2024

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially...
Moderate | Unreviewed | CVE-2024-12307 was published Dec 9, 2024

An object-level access control vulnerability in Unifiedtransform version 2.0 and potentially...
Moderate | Unreviewed | CVE-2024-12305 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53282 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53285 was published Dec 9, 2024

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This...
Moderate | Unreviewed | CVE-2024-12358 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53284 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53281 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53283 was published Dec 9, 2024

A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-12359 was published Dec 9, 2024

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has...
Moderate | Unreviewed | CVE-2024-12360 was published Dec 9, 2024

The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings...
Unknown | Unreviewed | CVE-2024-9651 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53279 was published Dec 9, 2024

A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-12357 was published Dec 9, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-53280 was published Dec 9, 2024

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and...
Unknown | Unreviewed | CVE-2024-55578 was published Dec 9, 2024

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An...
High | Unreviewed | CVE-2024-55579 was published Dec 9, 2024

A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified...
Moderate | Unreviewed | CVE-2024-12355 was published Dec 9, 2024

nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.
Unknown | Unreviewed | CVE-2024-55565 was published Dec 9, 2024

Oxide before 6 has unencrypted Control Plane datastores.
Moderate | Unreviewed | CVE-2024-55582 was published Dec 9, 2024

A vulnerability, which was classified as problematic, has been found in SourceCodester Phone...
Moderate | Unreviewed | CVE-2024-12353 was published Dec 9, 2024

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR....
High | Unreviewed | CVE-2024-55580 was published Dec 9, 2024

A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue...
Moderate | Unreviewed | CVE-2024-12350 was published Dec 9, 2024

A vulnerability classified as problematic was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316....
Moderate | Unreviewed | CVE-2024-12352 was published Dec 9, 2024

ProTip! Advisories are also available from the GraphQL API.