GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,439 advisories
Filter by severity
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing...
Critical
Unreviewed
CVE-2024-11068
was published
Nov 11, 2024
Webopac from Grand Vice info does not properly validate uploaded file types, allowing...
Critical
Unreviewed
CVE-2024-11018
was published
Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-11016
was published
Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-11020
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Wolfe The Novel Design...
Critical
Unreviewed
CVE-2024-51788
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify allows...
Critical
Unreviewed
CVE-2024-51789
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Dang Ngoc Binh Audio Record...
Critical
Unreviewed
CVE-2024-51792
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team HB WEBSOL HB AUDIO GALLERY...
Critical
Unreviewed
CVE-2024-51790
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair...
Critical
Unreviewed
CVE-2024-51793
was published
Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a...
Critical
Unreviewed
CVE-2024-51791
was published
Nov 11, 2024
The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for...
Critical
Unreviewed
CVE-2024-10508
was published
Nov 9, 2024
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical
Unreviewed
CVE-2024-10871
was published
Nov 9, 2024
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Critical
Unreviewed
CVE-2024-10547
was published
Nov 9, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized...
Critical
Unreviewed
CVE-2024-10589
was published
Nov 9, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due...
Critical
Unreviewed
CVE-2024-10801
was published
Nov 9, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is...
Critical
Unreviewed
CVE-2024-10470
was published
Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-10625
was published
Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-10627
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-10284
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the...
Critical
Unreviewed
CVE-2024-10285
was published
Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing...
Critical
Unreviewed
CVE-2024-10586
was published
Nov 9, 2024
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It...
Critical
Unreviewed
CVE-2024-10915
was published
Nov 6, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
Critical
Unreviewed
CVE-2024-50966
was published
Nov 8, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an...
Critical
Unreviewed
CVE-2024-5910
was published
Jul 10, 2024
ProTip!
Advisories are also available from the
GraphQL API