Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

93,734 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55984 was published Dec 18, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2024-54270 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-51646 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55983 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-54350 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55985 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55975 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56016 was published Dec 18, 2024
Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality... High Unreviewed
CVE-2024-56008 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56010 was published Dec 18, 2024
The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL... High Unreviewed
CVE-2024-11912 was published Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49677 was published Dec 18, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. High Unreviewed
CVE-2024-1610 was published Dec 18, 2024
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE... High Unreviewed
CVE-2024-47397 was published Dec 18, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary... High Unreviewed
CVE-2024-39703 was published Dec 18, 2024
Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0... High Unreviewed
CVE-2024-54457 was published Dec 18, 2024
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature.... High Unreviewed
CVE-2024-11614 was published Dec 18, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2024-53688 was published Dec 18, 2024
The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover... High Unreviewed
CVE-2024-12432 was published Dec 18, 2024
Versions of the package spatie/browsershot before 5.0.2 are vulnerable to Directory Traversal due... High Unreviewed
CVE-2024-21547 was published Dec 18, 2024
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code... High Unreviewed
CVE-2024-21546 was published Dec 18, 2024
Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper... High Unreviewed
CVE-2024-21548 was published Dec 18, 2024
The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation... High Unreviewed
CVE-2024-12259 was published Dec 18, 2024
Authorization bypass through user-controlled key vulnerability in streaming service in Synology... High Unreviewed
CVE-2024-4464 was published Dec 18, 2024
The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy'... High Unreviewed
CVE-2024-12025 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database