GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,286
Composer 4,356
Erlang 33
GitHub Actions 22
Go 2,121
Maven 5,299
npm 3,783
NuGet 683
pip 3,465
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,279

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,495 advisories

Filter by severity

Sort by

Least recently updated

File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-50660 was published Jan 7, 2025

A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic.... Moderate Unreviewed

CVE-2025-0295 was published Jan 7, 2025

Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP... Critical Unreviewed

CVE-2024-56278 was published Jan 7, 2025

The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator... High Unreviewed

CVE-2024-12471 was published Jan 7, 2025

The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing... Critical Unreviewed

CVE-2024-12252 was published Jan 7, 2025

The The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is... Moderate Unreviewed

CVE-2024-12419 was published Jan 7, 2025

Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via \zb_users\theme\shell\template. Critical Unreviewed

CVE-2024-55529 was published Jan 6, 2025

A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage... Moderate Unreviewed

CVE-2023-6604 was published Jan 6, 2025

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file... Moderate Unreviewed

CVE-2023-6601 was published Jan 6, 2025

The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-11733 was published Jan 4, 2025

The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is... Moderate Unreviewed

CVE-2024-12238 was published Dec 29, 2024

An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive... High Unreviewed

CVE-2024-50715 was published Dec 27, 2024

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via... High Unreviewed

CVE-2024-54907 was published Dec 26, 2024

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26)... Moderate Unreviewed

CVE-2024-12908 was published Dec 26, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script... Critical Unreviewed

CVE-2024-12652 was published Dec 26, 2024

The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-11977 was published Dec 21, 2024

A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed

CVE-2024-12729 was published Dec 19, 2024

A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system... High Unreviewed

CVE-2024-9154 was published Dec 19, 2024

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-12789 was published Dec 19, 2024

The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2024-11740 was published Dec 19, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed

CVE-2024-56051 was published Dec 18, 2024

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell... Critical Unreviewed

CVE-2024-12372 was published Dec 18, 2024

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... Critical Unreviewed

CVE-2023-34990 was published Dec 18, 2024

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed

CVE-2024-55085 was published Dec 17, 2024

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed

CVE-2024-37773 was published Dec 17, 2024

Previous 1 2 3 4 5 … 139 140 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,495 advisories