GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,917 advisories
Filter by severity
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2024-50717
was published
Dec 27, 2024
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2024-50716
was published
Dec 27, 2024
Integer overflow vulnerability exists in SimplCommerce at commit...
Critical
Unreviewed
CVE-2024-50944
was published
Dec 27, 2024
An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is...
Critical
Unreviewed
CVE-2024-54450
was published
Dec 27, 2024
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script...
Critical
Unreviewed
CVE-2024-12652
was published
Dec 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-8950
was published
Dec 25, 2024
The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all...
Critical
Unreviewed
CVE-2024-11281
was published
Dec 25, 2024
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can...
Critical
Unreviewed
CVE-2024-40896
was published
Dec 23, 2024
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be...
Critical
Unreviewed
CVE-2024-46873
was published
Dec 23, 2024
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,...
Critical
Unreviewed
CVE-2024-11349
was published
Dec 21, 2024
SQL injection vulnerability in CodeAstro Complaint Management System v.1.0 allows a remote...
Critical
Unreviewed
CVE-2024-55509
was published
Dec 20, 2024
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A...
Critical
Unreviewed
CVE-2024-21855
was published
Dec 20, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
is vulnerable to an...
Critical
Unreviewed
CVE-2024-51466
was published
Dec 20, 2024
The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is...
Critical
Unreviewed
CVE-2024-12571
was published
Dec 20, 2024
There is a command injection vulnerability in Huawei terminal printer product. Successful...
Critical
Unreviewed
CVE-2022-32203
was published
Dec 20, 2024
A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos...
Critical
Unreviewed
CVE-2024-12728
was published
Dec 19, 2024
A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall...
Critical
Unreviewed
CVE-2024-12727
was published
Dec 19, 2024
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all...
Critical
Unreviewed
CVE-2021-26102
was published
Dec 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-10244
was published
Dec 19, 2024
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in...
Critical
Unreviewed
CVE-2024-12626
was published
Dec 19, 2024
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android...
Critical
Unreviewed
CVE-2023-4617
was published
Dec 19, 2024
A unrestricted upload of file with dangerous type vulnerability in epaper draft function in...
Critical
Unreviewed
CVE-2024-11984
was published
Dec 19, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56052
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56050
was published
Dec 18, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a...
Critical
Unreviewed
CVE-2024-56054
was published
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API