GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,133
Erlang: 29
GitHub Actions: 19
Go: 1,940
Maven: 5,000+
npm: 3,677
NuGet: 645
pip: 3,295
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,582 advisories
A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3...
High | Unreviewed | CVE-2024-10101 was published Oct 17, 2024

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based...
High | Unreviewed | CVE-2024-7994 was published Oct 17, 2024

A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds...
High | Unreviewed | CVE-2024-7993 was published Oct 17, 2024

An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A ...
High | Unreviewed | CVE-2024-38814 was published Oct 16, 2024

The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to authorization...
High | Unreviewed | CVE-2020-36840 was published Oct 16, 2024

Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF...
High | Unreviewed | CVE-2024-45693 was published Oct 16, 2024

Account users in Apache CloudStack by default are allowed to upload and register templates for...
High | Unreviewed | CVE-2024-45219 was published Oct 16, 2024

The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability...
High | Unreviewed | CVE-2019-25214 was published Oct 16, 2024

The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in...
High | Unreviewed | CVE-2021-4444 was published Oct 16, 2024

The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
High | Unreviewed | CVE-2020-36839 was published Oct 16, 2024

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing...
High | Unreviewed | CVE-2024-9981 was published Oct 15, 2024

VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to...
High | Unreviewed | CVE-2024-7847 was published Oct 14, 2024

Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An...
High | Unreviewed | CVE-2024-47966 was published Oct 10, 2024

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to...
High | Unreviewed | CVE-2024-47964 was published Oct 10, 2024

Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to...
High | Unreviewed | CVE-2024-47962 was published Oct 10, 2024

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a...
High | Unreviewed | CVE-2024-47963 was published Oct 10, 2024

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a...
High | Unreviewed | CVE-2024-47965 was published Oct 10, 2024

A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious...
High | Unreviewed | CVE-2024-9467 was published Oct 9, 2024

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Overflow or...
High | Unreviewed | CVE-2024-47424 was published Oct 9, 2024

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap...
High | Unreviewed | CVE-2024-47425 was published Oct 9, 2024

InCopy versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File with...
High | Unreviewed | CVE-2024-45136 was published Oct 9, 2024

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Unrestricted Upload of...
High | Unreviewed | CVE-2024-47423 was published Oct 9, 2024

InDesign Desktop versions 19.4, 18.5.3 and earlier are affected by an Unrestricted Upload of File...
High | Unreviewed | CVE-2024-45137 was published Oct 9, 2024

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path...
High | Unreviewed | CVE-2024-47422 was published Oct 9, 2024

Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read...
High | Unreviewed | CVE-2024-47421 was published Oct 9, 2024
ProTip! Advisories are also available from the GraphQL API.