Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117,970 advisories

Loading
The Quotes llama plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-10874 was published Nov 23, 2024
The WPDash Notes plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2024-9223 was published Nov 23, 2024
The WordPress Brute Force Protection – Stop Brute Force Attacks plugin for WordPress is... Moderate Unreviewed
CVE-2024-10869 was published Nov 23, 2024
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10537 was published Nov 23, 2024
The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10868 was published Nov 23, 2024
The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is... Moderate Unreviewed
CVE-2024-10813 was published Nov 23, 2024
The Twitter Follow Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-10116 was published Nov 23, 2024
The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-10216 was published Nov 23, 2024
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth... Moderate Unreviewed
CVE-2024-11586 was published Nov 23, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is... Moderate Unreviewed
CVE-2024-41761 was published Nov 23, 2024
Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution... Moderate Unreviewed
CVE-2024-8360 was published Nov 23, 2024
Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed
CVE-2024-8359 was published Nov 23, 2024
Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed
CVE-2024-8358 was published Nov 23, 2024
Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This... Moderate Unreviewed
CVE-2024-8355 was published Nov 23, 2024
A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore... Moderate Unreviewed
CVE-2024-11590 was published Nov 23, 2024
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0.... Moderate Unreviewed
CVE-2024-11589 was published Nov 23, 2024
A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and... Moderate Unreviewed
CVE-2024-11630 was published Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-7392 was published Nov 23, 2024
AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability. This... Moderate Unreviewed
CVE-2024-7236 was published Nov 23, 2024
Avast Free Antivirus Link Following Denial-of-Service Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-7228 was published Nov 23, 2024
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-7235 was published Nov 23, 2024
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion... Moderate Unreviewed
CVE-2024-9257 was published Nov 22, 2024
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2024-9665 was published Nov 22, 2024
7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote... Moderate Unreviewed
CVE-2024-11612 was published Nov 22, 2024
Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This... Moderate Unreviewed
CVE-2024-6247 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database