GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,913 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-8950
was published
Dec 25, 2024
The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to...
Critical
Unreviewed
CVE-2024-52046
was published
Dec 25, 2024
The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all...
Critical
Unreviewed
CVE-2024-11281
was published
Dec 25, 2024
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can...
Critical
Unreviewed
CVE-2024-40896
was published
Dec 23, 2024
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be...
Critical
Unreviewed
CVE-2024-46873
was published
Dec 23, 2024
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical
Unreviewed
CVE-2024-11349
was published
Dec 21, 2024
An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially...
Critical
Unreviewed
CVE-2024-28892
was published
Dec 20, 2024
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A...
Critical
Unreviewed
CVE-2024-21855
was published
Dec 20, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
is vulnerable to an...
Critical
Unreviewed
CVE-2024-51466
was published
Dec 20, 2024
The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is...
Critical
Unreviewed
CVE-2024-12571
was published
Dec 20, 2024
There is a command injection vulnerability in Huawei terminal printer product. Successful...
Critical
Unreviewed
CVE-2022-32203
was published
Dec 20, 2024
A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos...
Critical
Unreviewed
CVE-2024-12728
was published
Dec 19, 2024
A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall...
Critical
Unreviewed
CVE-2024-12727
was published
Dec 19, 2024
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all...
Critical
Unreviewed
CVE-2021-26102
was published
Dec 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-10244
was published
Dec 19, 2024
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in...
Critical
Unreviewed
CVE-2024-12626
was published
Dec 19, 2024
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android...
Critical
Unreviewed
CVE-2023-4617
was published
Dec 19, 2024
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in...
Critical
Unreviewed
CVE-2024-11984
was published
Dec 19, 2024
Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege...
Critical
Unreviewed
CVE-2024-54383
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56052
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56054
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56057
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56050
was published
Dec 18, 2024
In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a...
Critical
Unreviewed
CVE-2024-47039
was published
Dec 18, 2024
There is a possible UAF due to a logic error in the code. This could lead to local escalation of...
Critical
Unreviewed
CVE-2024-47040
was published
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API