Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

122,221 advisories

Loading
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via... Moderate Unreviewed
CVE-2024-46410 was published Oct 8, 2024
Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings... Moderate Unreviewed
CVE-2024-8983 was published Oct 8, 2024
3DSecure 2.0 allows reflected XSS in the 3DS Authorization Challenge via a modified params... Moderate Unreviewed
CVE-2024-25283 was published Oct 9, 2024
3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a ... Moderate Unreviewed
CVE-2024-25282 was published Oct 9, 2024
The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-6591 was published Feb 12, 2024
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2023-6501 was published Feb 12, 2024
In the Linux kernel, the following vulnerability has been resolved: ethtool: fail closed if we... Moderate Unreviewed
CVE-2024-46834 was published Sep 27, 2024
In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call... Moderate Unreviewed
CVE-2024-46832 was published Sep 27, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high... Moderate Unreviewed
CVE-2024-46837 was published Sep 27, 2024
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to... Moderate Unreviewed
CVE-2019-20101 was published May 24, 2022
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have... Moderate Unreviewed
CVE-2024-9470 was published Oct 9, 2024
3DSecure 2.0 allows reflected XSS in the 3DS Authorization Method via the threeDsMethod.jsp... Moderate Unreviewed
CVE-2024-25284 was published Oct 9, 2024
Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide... Moderate Unreviewed
CVE-2023-40453 was published Nov 14, 2023
xhtml2pdf Denial of Service via crafted string Moderate
CVE-2024-25885 was published for xhtml2pdf (pip) Oct 8, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability... Moderate Unreviewed
CVE-2024-5127 was published Jun 6, 2024
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf... Moderate Unreviewed
CVE-2024-45001 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under... Moderate Unreviewed
CVE-2024-45003 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix validity... Moderate Unreviewed
CVE-2024-45005 was published Sep 4, 2024
In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent... Moderate Unreviewed
CVE-2024-44991 was published Sep 4, 2024
An issue was discovered in VectorComponentUserLinks.php in the Vector Skin component in MediaWiki... Moderate Unreviewed
CVE-2023-45361 was published Oct 9, 2024
The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-7233 was published Feb 12, 2024
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-1159 was published Feb 13, 2024
In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak... Moderate Unreviewed
CVE-2024-45004 was published Sep 4, 2024
The EazyDocs WordPress plugin before 2.4.0 re-introduced CVE-2023-6029 (https://wpscan.com... Moderate Unreviewed
CVE-2024-0248 was published Feb 12, 2024
The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to... Moderate Unreviewed
CVE-2024-0250 was published Feb 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database