GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,980 advisories
Filter by severity
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of...
High
Unreviewed
CVE-2024-0755
was published
Jan 23, 2024
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High
Unreviewed
CVE-2024-9593
was published
Oct 18, 2024
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows...
High
Unreviewed
CVE-2012-1879
was published
May 13, 2022
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1...
High
Unreviewed
CVE-2017-18113
was published
May 24, 2022
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux...
High
Unreviewed
CVE-2023-28793
was published
Oct 23, 2023
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on...
High
Unreviewed
CVE-2023-28796
was published
Oct 23, 2023
In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after...
High
Unreviewed
CVE-2017-18356
was published
May 14, 2022
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High
Unreviewed
CVE-2024-45766
was published
Oct 17, 2024
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ...
High
Unreviewed
CVE-2024-22899
was published
Feb 2, 2024
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High
Unreviewed
CVE-2024-9061
was published
Oct 16, 2024
SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2,...
High
Unreviewed
CVE-2008-4835
was published
May 14, 2022
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &...
High
Unreviewed
CVE-2024-48279
was published
Oct 15, 2024
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9837
was published
Oct 15, 2024
A vulnerability was discovered in FBM_292W-21.03.10V, which has been classified as critical. This...
High
Unreviewed
CVE-2024-44414
was published
Oct 11, 2024
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the...
High
Unreviewed
CVE-2023-46818
was published
Oct 27, 2023
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote...
High
Unreviewed
CVE-2021-39115
was published
May 24, 2022
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon...
High
Unreviewed
CVE-2021-39128
was published
May 24, 2022
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing...
High
Unreviewed
CVE-2012-1661
was published
May 17, 2022
The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High
Unreviewed
CVE-2024-9581
was published
Oct 10, 2024
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION...
High
Unreviewed
CVE-2023-39445
was published
Aug 18, 2023
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION...
High
Unreviewed
CVE-2023-38576
was published
Aug 18, 2023
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account...
High
Unreviewed
CVE-2021-39114
was published
Apr 6, 2022
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High
Unreviewed
CVE-2023-37427
was published
Aug 22, 2023
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High
Unreviewed
CVE-2023-37424
was published
Aug 22, 2023
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip...
High
Unreviewed
CVE-2024-46080
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API