GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,265 advisories
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability.
Critical, Unreviewed. CVE-2023-26785 was published Oct 18, 2024

An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the...
Moderate, Unreviewed. CVE-2024-27766 was published Oct 18, 2024

Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated...
Moderate, Unreviewed. CVE-2023-39593 was published Oct 18, 2024

Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of...
High, Unreviewed. CVE-2024-0755 was published Jan 23, 2024

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute...
Critical, Unreviewed. CVE-2024-23742 was published Jan 28, 2024

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High, Unreviewed. CVE-2024-9593 was published Oct 18, 2024

The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries...
Critical, Unreviewed. CVE-2024-9264 was published Oct 18, 2024

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows...
High, Unreviewed. CVE-2012-1879 was published May 13, 2022

The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1...
High, Unreviewed. CVE-2017-18113 was published May 24, 2022

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected...
Moderate, Unreviewed. CVE-2024-10073 was published Oct 17, 2024

Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux...
High, Unreviewed. CVE-2023-28793 was published Oct 23, 2023

Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on...
High, Unreviewed. CVE-2023-28796 was published Oct 23, 2023

Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the...
Critical, Unreviewed. CVE-2023-50808 was published Feb 13, 2024

In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after...
High, Unreviewed. CVE-2017-18356 was published May 14, 2022

Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High, Unreviewed. CVE-2024-45766 was published Oct 17, 2024

A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate, Unreviewed. CVE-2024-48744 was published Oct 16, 2024

An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate, Unreviewed. CVE-2024-41997 was published Oct 14, 2024

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ...
High, Unreviewed. CVE-2024-22899 was published Feb 2, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code...
Critical, Unreviewed. CVE-2024-49254 was published Oct 16, 2024

The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High, Unreviewed. CVE-2024-9061 was published Oct 16, 2024

A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link...
Critical, Unreviewed. CVE-2024-48168 was published Oct 14, 2024

SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2,...
High, Unreviewed. CVE-2008-4835 was published May 14, 2022

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &...
High, Unreviewed. CVE-2024-48279 was published Oct 15, 2024

The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to...
High, Unreviewed. CVE-2024-9837 was published Oct 15, 2024

The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection...
Moderate, Unreviewed. CVE-2024-8760 was published Oct 12, 2024

ProTip! Advisories are also available from the GraphQL API.