GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
101,351 advisories
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2024-12428 was published Dec 25, 2024
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation.
High | Unreviewed | CVE-2024-1609 was published Dec 25, 2024
The WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and...
High | Unreviewed | CVE-2024-12272 was published Dec 25, 2024
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart)....
High | Unreviewed | CVE-2019-2483 was published Dec 24, 2024
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is...
High | Unreviewed | CVE-2024-12881 was published Dec 24, 2024
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url ,...
High | Unreviewed | CVE-2024-12594 was published Dec 24, 2024
A flaw was found in the skupper console, a read-only interface that renders cluster network,...
High | Unreviewed | CVE-2024-12582 was published Dec 24, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of...
High | Unreviewed | CVE-2024-47515 was published Dec 24, 2024
ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a...
High | Unreviewed | CVE-2024-53961 was published Dec 23, 2024
Gogs allows argument Injection when tagging new releases
High | CVE-2024-39933 was published for gogs.io/gogs (Go) Dec 23, 2024
Navidrome Stores JWT Secret in Plaintext in navidrome.db
High | CVE-2024-56362 was published for github.com/navidrome/navidrome (Go) Dec 23, 2024
Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails
High | CVE-2024-23945 was published for org.apache.hive:hive-service (Maven) Dec 23, 2024
Path Traversal in file update API in gogs
High | CVE-2024-55947 was published for gogs.io/gogs (Go) Dec 23, 2024
Remote Command Execution in file editing in gogs
High | CVE-2024-54148 was published for gogs.io/gogs (Go) Dec 23, 2024
Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A...
High | Unreviewed | CVE-2024-12903 was published Dec 23, 2024
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine....
High | Unreviewed | CVE-2024-12902 was published Dec 23, 2024
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection...
High | Unreviewed | CVE-2024-45721 was published Dec 23, 2024
home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the...
High | Unreviewed | CVE-2024-54082 was published Dec 23, 2024
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI...
High | Unreviewed | CVE-2024-56375 was published Dec 23, 2024
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users...
High | Unreviewed | CVE-2024-56311 was published Dec 22, 2024
REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a...
High | Unreviewed | CVE-2024-56310 was published Dec 22, 2024
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to...
High | Unreviewed | CVE-2024-12066 was published Dec 21, 2024
The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross...
High | Unreviewed | CVE-2024-12771 was published Dec 21, 2024
The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object...
High | Unreviewed | CVE-2024-12721 was published Dec 21, 2024
The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2024-11977 was published Dec 21, 2024