GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104 advisories
Filter by severity
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress...
Moderate
Unreviewed
CVE-2024-12875
was published
Dec 21, 2024
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to...
High
Unreviewed
CVE-2024-12066
was published
Dec 21, 2024
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows...
High
Unreviewed
CVE-2024-4230
was published
Dec 19, 2024
External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion...
High
Unreviewed
CVE-2024-11838
was published
Dec 13, 2024
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and...
Moderate
Unreviewed
CVE-2024-12357
was published
Dec 9, 2024
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file...
Low
Unreviewed
CVE-2024-10672
was published
Nov 12, 2024
NTLM Hash Disclosure Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-43451
was published
Nov 12, 2024
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This...
Moderate
Unreviewed
CVE-2024-5823
was published
Oct 29, 2024
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all...
Moderate
Unreviewed
CVE-2023-5816
was published
Oct 30, 2024
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to...
Critical
Unreviewed
CVE-2024-28394
was published
Mar 20, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43581
was published
Oct 8, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43615
was published
Oct 8, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38029
was published
Oct 8, 2024
There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9...
High
Unreviewed
CVE-2024-38040
was published
Oct 4, 2024
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9275
was published
Sep 27, 2024
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource...
Critical
Unreviewed
CVE-2024-9142
was published
Sep 25, 2024
Proxmox Virtual Environment is an open-source server management platform for enterprise...
High
Unreviewed
CVE-2024-21545
was published
Sep 25, 2024
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A...
High
Unreviewed
CVE-2023-28603
was published
Jun 13, 2023
The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for...
High
Unreviewed
CVE-2024-7626
was published
Sep 11, 2024
Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible
because the...
Moderate
Unreviewed
CVE-2024-0849
was published
Feb 7, 2024
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec...
High
Unreviewed
CVE-2024-33671
was published
Apr 26, 2024
A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows...
High
Unreviewed
CVE-2024-6255
was published
Jul 31, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7911
was published
Aug 18, 2024
Windows Compressed Folder Tampering Vulnerability
Moderate
Unreviewed
CVE-2024-38165
was published
Aug 13, 2024
Microsoft Outlook Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-38173
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API