GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,251
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,725
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 861
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236,448 advisories
The Video Gallery – Best WordPress YouTube Gallery Plugin plugin for WordPress is vulnerable to...
Severity: High | Unreviewed | CVE-2024-10247 was published Dec 6, 2024

The Broadcast plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Severity: Moderate | Unreviewed | CVE-2024-11379 was published Dec 6, 2024

The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks...
Severity: Moderate | Unreviewed | CVE-2024-11201 was published Dec 6, 2024

The WP Hide & Security Enhancer plugin for WordPress is vulnerable to arbitrary file contents...
Severity: High | Unreviewed | CVE-2024-11585 was published Dec 6, 2024

The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due...
Severity: High | Unreviewed | CVE-2024-10578 was published Dec 6, 2024

The Video Gallery – Best WordPress YouTube Gallery plugin for WordPress is vulnerable to Stored...
Severity: Moderate | Unreviewed | CVE-2024-9769 was published Dec 6, 2024

The Flixita theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’...
Severity: Moderate | Unreviewed | CVE-2024-10836 was published Dec 6, 2024

The 3DPrint Lite WordPress plugin before 2.1 does not have CSRF check in place when updating its...
Severity: Unknown | Unreviewed | CVE-2024-10480 was published Dec 6, 2024

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its...
Severity: Unknown | Unreviewed | CVE-2024-10551 was published Dec 6, 2024

Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10...
Severity: High | Unreviewed | CVE-2024-8300 was published Nov 29, 2024

Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
Severity: High | Unreviewed | CVE-2024-8299 was published Nov 29, 2024

Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
Severity: High | Unreviewed | CVE-2024-9852 was published Nov 29, 2024

An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17.4...
Severity: Moderate | Unreviewed | CVE-2024-23250 was published Mar 8, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Severity: High | Unreviewed | CVE-2024-23253 was published Mar 8, 2024

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14...
Severity: High | Unreviewed | CVE-2024-23235 was published Mar 8, 2024

The Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up...
Severity: Critical | Unreviewed | CVE-2024-10961 was published Nov 23, 2024

An authentication issue was addressed with improved state management. This issue is fixed in...
Severity: Critical | Unreviewed | CVE-2024-23255 was published Mar 8, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability
Severity: Moderate | Unreviewed | CVE-2024-49041 was published Dec 6, 2024

In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
Severity: Moderate | Unreviewed | CVE-2024-11149 was published Dec 6, 2024

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: Unknown | Unreviewed | CVE-2021-0937 was published Dec 6, 2024

In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer...
Severity: Unknown | Unreviewed | CVE-2017-13308 was published Dec 6, 2024

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow...
Severity: Unknown | Unreviewed | CVE-2018-9386 was published Dec 6, 2024

In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of...
Severity: Unknown | Unreviewed | CVE-2018-9388 was published Dec 6, 2024

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-...
Severity: Unknown | Unreviewed | CVE-2024-30963 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain...
Severity: Unknown | Unreviewed | CVE-2024-38910 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API.