GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,085 advisories
Filter by severity
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-47645
was published
Oct 16, 2024
: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-48029
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object...
High
Unreviewed
CVE-2024-49226
was published
Oct 16, 2024
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter...
High
Unreviewed
CVE-2024-49227
was published
Oct 16, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49245
was published
Oct 16, 2024
: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-49251
was published
Oct 16, 2024
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on...
High
Unreviewed
CVE-2024-8040
was published
Oct 16, 2024
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by...
High
Unreviewed
CVE-2023-32190
was published
Oct 16, 2024
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry...
High
Unreviewed
CVE-2024-6380
was published
Oct 16, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file...
High
Unreviewed
CVE-2020-36842
was published
Oct 16, 2024
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to authorization...
High
Unreviewed
CVE-2020-36840
was published
Oct 16, 2024
The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in...
High
Unreviewed
CVE-2021-4450
was published
Oct 16, 2024
The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site...
High
Unreviewed
CVE-2021-4452
was published
Oct 16, 2024
The Download Monitor plugin for WordPress is vulnerable to authorization bypass due to a missing...
High
Unreviewed
CVE-2022-4972
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code...
High
Unreviewed
CVE-2024-45711
was published
Oct 16, 2024
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege...
High
Unreviewed
CVE-2024-45710
was published
Oct 16, 2024
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing...
High
Unreviewed
CVE-2024-45715
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2023-7294
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High
Unreviewed
CVE-2024-8507
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and...
High
Unreviewed
CVE-2024-8746
was published
Oct 16, 2024
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High
Unreviewed
CVE-2024-9061
was published
Oct 16, 2024
The Paytium: Mollie payment forms & donations plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2023-7291
was published
Oct 16, 2024
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF...
High
Unreviewed
CVE-2024-45693
was published
Oct 16, 2024
The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all...
High
Unreviewed
CVE-2024-8918
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API