GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,251
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,725
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 861
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236,487 advisories
Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for...
  Moderate | Unreviewed | CVE-2024-47249 was published Nov 26, 2024
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of...
  High | Unreviewed | CVE-2024-51569 was published Nov 26, 2024
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Apache...
  Moderate | Unreviewed | CVE-2024-47248 was published Nov 26, 2024
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17....
  Unknown | Unreviewed | CVE-2024-53908 was published Dec 6, 2024
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL...
  Moderate | Unreviewed | CVE-2024-11730 was published Dec 6, 2024
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add...
  Unknown | Unreviewed | CVE-2024-53141 was published Dec 6, 2024
The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and...
  High | Unreviewed | CVE-2024-11289 was published Dec 6, 2024
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL...
  High | Unreviewed | CVE-2024-11728 was published Dec 6, 2024
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL...
  Moderate | Unreviewed | CVE-2024-11729 was published Dec 6, 2024
The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via...
  Moderate | Unreviewed | CVE-2024-10909 was published Dec 6, 2024
The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User...
  Moderate | Unreviewed | CVE-2024-10681 was published Dec 6, 2024
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The...
  Unknown | Unreviewed | CVE-2024-53907 was published Dec 6, 2024
The Verowa Connect plugin for WordPress is vulnerable to SQL Injection via the 'search_string'...
  High | Unreviewed | CVE-2024-11460 was published Dec 6, 2024
In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename...
  Unknown | Unreviewed | CVE-2024-53142 was published Dec 6, 2024
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch...
  Moderate | Unreviewed | CVE-2023-5625 was published Nov 1, 2023
A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is...
  Moderate | Unreviewed | CVE-2023-3347 was published Jul 20, 2023
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising...
  Moderate | Unreviewed | CVE-2024-47250 was published Nov 26, 2024
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test...
  Moderate | Unreviewed | CVE-2023-39418 was published Aug 11, 2023
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba...
  Moderate | Unreviewed | CVE-2023-34968 was published Jul 20, 2023
The Friends plugin for WordPress is vulnerable to unauthorized access due to a missing capability...
  Moderate | Unreviewed | CVE-2024-12028 was published Dec 6, 2024
The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
  Moderate | Unreviewed | CVE-2024-11823 was published Dec 6, 2024
The WP Media Optimizer (.webp) plugin for WordPress is vulnerable to Reflected Cross-Site...
  Moderate | Unreviewed | CVE-2024-12060 was published Dec 6, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
  Moderate | Unreviewed | CVE-2024-9872 was published Dec 6, 2024
The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site...
  Moderate | Unreviewed | CVE-2024-9866 was published Dec 6, 2024
The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
  Moderate | Unreviewed | CVE-2024-12003 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API.