GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,469 advisories
Filter by severity
The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable...
Critical
Unreviewed
CVE-2024-11028
was published
Nov 13, 2024
The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-10820
was published
Nov 13, 2024
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when...
Critical
Unreviewed
CVE-2024-10575
was published
Nov 13, 2024
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability...
Critical
Unreviewed
CVE-2024-8938
was published
Nov 13, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical
Unreviewed
CVE-2024-11150
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy...
Critical
Unreviewed
CVE-2024-39710
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39711
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39712
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti...
Critical
Unreviewed
CVE-2024-38656
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-38655
was published
Nov 13, 2024
XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical
Unreviewed
CVE-2024-10218
was published
Nov 12, 2024
XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical
Unreviewed
CVE-2024-10217
was published
Nov 12, 2024
Windows Kerberos Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43639
was published
Nov 12, 2024
Azure CycleCloud Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43602
was published
Nov 12, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
Critical
Unreviewed
CVE-2024-50330
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11005
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11006
was published
Nov 12, 2024
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists...
Critical
Unreviewed
CVE-2024-10943
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11007
was published
Nov 12, 2024
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical
Unreviewed
CVE-2024-8074
was published
Nov 12, 2024
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910...
Critical
Unreviewed
CVE-2024-44102
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46890
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46888
was published
Nov 12, 2024
The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-10245
was published
Nov 12, 2024
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer...
Critical
Unreviewed
CVE-2024-52533
was published
Nov 12, 2024
ProTip!
Advisories are also available from the
GraphQL API