GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

93,814 advisories

Filter by severity

Sort by

Least recently updated

The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object... High Unreviewed

CVE-2024-12721 was published Dec 21, 2024

The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross... High Unreviewed

CVE-2024-12771 was published Dec 21, 2024

The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2024-12066 was published Dec 21, 2024

The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-11977 was published Dec 21, 2024

The AirVantage platform is vulnerable to an unauthorized attacker registering previously... High Unreviewed

CVE-2023-31279 was published Dec 21, 2024

Improper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows... High Unreviewed

CVE-2024-37758 was published Dec 20, 2024

Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed

CVE-2024-12867 was published Dec 20, 2024

Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting... High Unreviewed

CVE-2024-10385 was published Dec 20, 2024

Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed

CVE-2024-12677 was published Dec 20, 2024

IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable... High Unreviewed

CVE-2024-40695 was published Dec 20, 2024

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed

CVE-2024-44211 was published Dec 20, 2024

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed

CVE-2024-44231 was published Dec 20, 2024

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1.... High Unreviewed

CVE-2024-44195 was published Dec 20, 2024

Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This... High Unreviewed

CVE-2024-12832 was published Dec 20, 2024

A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed

CVE-2024-54538 was published Dec 20, 2024

There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed

CVE-2022-32144 was published Dec 20, 2024

There is an improper input verification vulnerability in Huawei printer product. Successful... High Unreviewed

CVE-2022-32204 was published Dec 20, 2024

Huawei printers have an input verification vulnerability. Successful exploitation of this... High Unreviewed

CVE-2022-34159 was published Dec 20, 2024

Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-12829 was published Dec 20, 2024

Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-12830 was published Dec 20, 2024

There is an unrestricted file upload vulnerability where it is possible for an authenticated user... High Unreviewed

CVE-2024-12700 was published Dec 20, 2024

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation... High Unreviewed

CVE-2024-11364 was published Dec 19, 2024

A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat... High Unreviewed

CVE-2024-11157 was published Dec 19, 2024

Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena®... High Unreviewed

CVE-2024-12175 was published Dec 19, 2024

A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat... High Unreviewed

CVE-2024-12672 was published Dec 19, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

93,814 advisories