GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
238,517 advisories
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through...
High | Unreviewed | CVE-2024-53291 was published Dec 25, 2024

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a...
Moderate | Unreviewed | CVE-2024-52906 was published Dec 25, 2024

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were...
Low | Unreviewed | CVE-2023-5117 was published Dec 25, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-8950 was published Dec 25, 2024

IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1 could allow a non-privileged local user to exploit a...
Moderate | Unreviewed | CVE-2024-47102 was published Dec 25, 2024

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a...
Moderate | Unreviewed | CVE-2024-39725 was published Dec 25, 2024

Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges...
High | Unreviewed | CVE-2024-47978 was published Dec 25, 2024

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link...
Moderate | Unreviewed | CVE-2024-39727 was published Dec 25, 2024

Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs...
High | Unreviewed | CVE-2024-52535 was published Dec 25, 2024

The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to...
Critical | Unreviewed | CVE-2024-52046 was published Dec 25, 2024

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-10862 was published Dec 25, 2024

The Avada (Fusion) Builder plugin for WordPress is vulnerable to Information Exposure in all...
Moderate | Unreviewed | CVE-2024-12335 was published Dec 25, 2024

The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all...
Critical | Unreviewed | CVE-2024-11281 was published Dec 25, 2024

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages...
Moderate | Unreviewed | CVE-2024-12636 was published Dec 25, 2024

The Jetpack WordPress plugin before 14.1 does not properly check the postmessage origin in its...
Unknown | Unreviewed | CVE-2024-10858 was published Dec 25, 2024

The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2024-12428 was published Dec 25, 2024

The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin |...
Moderate | Unreviewed | CVE-2024-12032 was published Dec 25, 2024

The WP Travel Engine – Elementor Widgets | Create Travel Booking Website Using WordPress and...
High | Unreviewed | CVE-2024-12272 was published Dec 25, 2024

The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12413 was published Dec 25, 2024

In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation.
High | Unreviewed | CVE-2024-1609 was published Dec 25, 2024

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &...
Moderate | Unreviewed | CVE-2024-12190 was published Dec 25, 2024

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart)....
High | Unreviewed | CVE-2019-2483 was published Dec 24, 2024

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check...
Unknown | Unreviewed | CVE-2024-53156 was published Dec 24, 2024

In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix...
Unknown | Unreviewed | CVE-2024-53159 was published Dec 24, 2024

In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix...
Unknown | Unreviewed | CVE-2024-53161 was published Dec 24, 2024

ProTip! Advisories are also available from the GraphQL API.