GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
366 advisories
Filter by severity
The Download Manager plugin for WordPress is vulnerable to unauthorized download of password...
Moderate
Unreviewed
CVE-2024-11768
was published
Dec 19, 2024
A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This...
Moderate
Unreviewed
CVE-2024-12483
was published
Dec 12, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization...
Moderate
Unreviewed
CVE-2024-43729
was published
Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Authorization...
Moderate
Unreviewed
CVE-2024-43731
was published
Dec 11, 2024
An authenticated user with API access (e.g.: user with default User role), more specifically a...
High
Unreviewed
CVE-2024-36467
was published
Nov 27, 2024
The Booking & Appointment Plugin for WooCommerce plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-10729
was published
Nov 26, 2024
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM)...
Moderate
Unreviewed
CVE-2020-3539
was published
Nov 18, 2024
Azure CycleCloud Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43602
was published
Nov 12, 2024
A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This...
Moderate
Unreviewed
CVE-2024-10598
was published
Nov 1, 2024
Improper authorization in some Intel(R) PM software may allow a privileged user to potentially...
Moderate
Unreviewed
CVE-2023-38135
was published
Oct 25, 2024
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that...
High
Unreviewed
CVE-2024-9235
was published
Oct 25, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress...
Moderate
Unreviewed
CVE-2024-9531
was published
Oct 24, 2024
The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a...
Moderate
Unreviewed
CVE-2020-36841
was published
Oct 16, 2024
Windows Kerberos Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38129
was published
Oct 8, 2024
Information disclosure while sending implicit broadcast containing APP launch information.
Moderate
Unreviewed
CVE-2024-38425
was published
Oct 7, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W,...
High
Unreviewed
CVE-2024-20393
was published
Oct 2, 2024
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low...
Moderate
Unreviewed
CVE-2024-20441
was published
Oct 2, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9297
was published
Sep 28, 2024
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow...
Moderate
Unreviewed
CVE-2024-20414
was published
Sep 25, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-9082
was published
Sep 22, 2024
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows...
High
Unreviewed
CVE-2024-43460
was published
Sep 17, 2024
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an...
Moderate
Unreviewed
CVE-2024-6840
was published
Sep 12, 2024
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management...
High
Unreviewed
CVE-2024-20381
was published
Sep 11, 2024
Microsoft Outlook for iOS Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-43482
was published
Sep 10, 2024
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
Moderate
Unreviewed
CVE-2024-38231
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API