GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,096
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,654
NuGet: 638
pip: 3,263
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,436 advisories
FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via...
High | Unreviewed | CVE-2024-41290 was published Oct 2, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W,...
High | Unreviewed | CVE-2024-20393 was published Oct 2, 2024
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device...
High | Unreviewed | CVE-2024-8885 was published Oct 2, 2024
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for...
High | Unreviewed | CVE-2024-44193 was published Oct 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-44030 was published Oct 2, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2024-44017 was published Oct 2, 2024
The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2024-7855 was published Oct 2, 2024
The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient...
High | Unreviewed | CVE-2024-7315 was published Oct 2, 2024
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip...
High | Unreviewed | CVE-2024-46080 was published Oct 1, 2024
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip...
High | Unreviewed | CVE-2024-46084 was published Oct 1, 2024
Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory...
High | Unreviewed | CVE-2024-9403 was published Oct 1, 2024
A potential memory corruption vulnerability could be triggered if an attacker had the ability to...
High | Unreviewed | CVE-2024-9400 was published Oct 1, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration...
High | Unreviewed | CVE-2024-25659 was published Oct 1, 2024
It is currently unknown if this issue is exploitable but a condition may arise where the...
High | Unreviewed | CVE-2024-9396 was published Oct 1, 2024
In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive...
High | Unreviewed | CVE-2024-25661 was published Oct 1, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based...
High | Unreviewed | CVE-2024-9018 was published Oct 1, 2024
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual...
High | Unreviewed | CVE-2024-9145 was published Oct 1, 2024
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High | Unreviewed | CVE-2024-7432 was published Oct 1, 2024
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High | Unreviewed | CVE-2024-7433 was published Oct 1, 2024
The UltraPress theme for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High | Unreviewed | CVE-2024-7434 was published Oct 1, 2024
The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...
High | Unreviewed | CVE-2024-7869 was published Oct 1, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-8548 was published Oct 1, 2024
Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote...
High | Unreviewed | CVE-2024-47295 was published Oct 1, 2024
The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
High | Unreviewed | CVE-2024-8981 was published Oct 1, 2024
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If...
High | Unreviewed | CVE-2024-47560 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API.