Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,354 advisories

Loading
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through... High Unreviewed
CVE-2024-53291 was published Dec 25, 2024
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges... High Unreviewed
CVE-2024-47978 was published Dec 25, 2024
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs... High Unreviewed
CVE-2024-52535 was published Dec 25, 2024
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-12428 was published Dec 25, 2024
The WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and... High Unreviewed
CVE-2024-12272 was published Dec 25, 2024
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation. High Unreviewed
CVE-2024-1609 was published Dec 25, 2024
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart).... High Unreviewed
CVE-2019-2483 was published Dec 24, 2024
The PlugVersions – Easily rollback to previous versions of your plugins plugin for WordPress is... High Unreviewed
CVE-2024-12881 was published Dec 24, 2024
A flaw was found in the skupper console, a read-only interface that renders cluster network,... High Unreviewed
CVE-2024-12582 was published Dec 24, 2024
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of... High Unreviewed
CVE-2024-47515 was published Dec 24, 2024
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url ,... High Unreviewed
CVE-2024-12594 was published Dec 24, 2024
ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a... High Unreviewed
CVE-2024-53961 was published Dec 23, 2024
Gogs allows argument Injection when tagging new releases High
CVE-2024-39933 was published for gogs.io/gogs (Go) Dec 23, 2024
swapgs
Navidrome Stores JWT Secret in Plaintext in navidrome.db High
CVE-2024-56362 was published for github.com/navidrome/navidrome (Go) Dec 23, 2024
saisathvik1
Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails High
CVE-2024-23945 was published for org.apache.hive:hive-service (Maven) Dec 23, 2024
Path Traversal in file update API in gogs High
CVE-2024-55947 was published for gogs.io/gogs (Go) Dec 23, 2024
ManassehZhou
Remote Command Execution in file editing in gogs High
CVE-2024-54148 was published for gogs.io/gogs (Go) Dec 23, 2024
ManassehZhou
Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A... High Unreviewed
CVE-2024-12903 was published Dec 23, 2024
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine.... High Unreviewed
CVE-2024-12902 was published Dec 23, 2024
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection... High Unreviewed
CVE-2024-45721 was published Dec 23, 2024
home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the... High Unreviewed
CVE-2024-54082 was published Dec 23, 2024
An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI... High Unreviewed
CVE-2024-56375 was published Dec 23, 2024
REDCap through 15.0.0 has a security flaw in the Project Dashboards name, exposing users to a... High Unreviewed
CVE-2024-56310 was published Dec 22, 2024
REDCap through 15.0.0 has a security flaw in the Notes section of calendar events, exposing users... High Unreviewed
CVE-2024-56311 was published Dec 22, 2024
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-12066 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database