GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
104,533 advisories

This vulnerability occurs when user-supplied input is improperly sanitized and then reflected...
Moderate | Unreviewed | CVE-2024-38380 was published Sep 17, 2024

A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified...
Moderate | Unreviewed | CVE-2024-8945 was published Sep 17, 2024

A vulnerability, which was classified as critical, was found in code-projects Hospital Management...
Moderate | Unreviewed | CVE-2024-8944 was published Sep 17, 2024

Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows...
Moderate | Unreviewed | CVE-2024-38860 was published Sep 17, 2024

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-8093 was published Sep 17, 2024

The Enhanced Search Box WordPress plugin through 0.6.1 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2024-8091 was published Sep 17, 2024

The Review Ratings WordPress plugin through 1.6 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-8052 was published Sep 17, 2024

The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places,...
Moderate | Unreviewed | CVE-2024-8092 was published Sep 17, 2024

The Visual Sound (old) WordPress plugin through 1.06 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2024-8047 was published Sep 17, 2024

The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its...
Moderate | Unreviewed | CVE-2024-5170 was published Sep 17, 2024

The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places,...
Moderate | Unreviewed | CVE-2024-8051 was published Sep 17, 2024

The Vikinghammer Tweet WordPress plugin through 0.2.4 does not have CSRF check in some places,...
Moderate | Unreviewed | CVE-2024-8043 was published Sep 17, 2024

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2024-8044 was published Sep 17, 2024

An authentication issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2024-44202 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and...
Moderate | Unreviewed | CVE-2024-44127 was published Sep 17, 2024

The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15...
Moderate | Unreviewed | CVE-2024-40825 was published Sep 17, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7...
Moderate | Unreviewed | CVE-2024-4283 was published Sep 17, 2024

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2024-34016 was published Sep 16, 2024

Local privilege escalation due to DLL hijacking vulnerability. The following products are...
Moderate | Unreviewed | CVE-2024-8766 was published Sep 16, 2024

An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music...
Moderate | Unreviewed | CVE-2024-42795 was published Sep 16, 2024

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in...
Moderate | Unreviewed | CVE-2024-42796 was published Sep 16, 2024

Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax...
Moderate | Unreviewed | CVE-2024-42794 was published Sep 16, 2024

Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Moderate | Unreviewed | CVE-2024-36247 was published Sep 16, 2024

Improper input validation in some Intel(R) RAID Web Console software all versions may allow an...
Moderate | Unreviewed | CVE-2024-34545 was published Sep 16, 2024

Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow...
Moderate | Unreviewed | CVE-2024-34153 was published Sep 16, 2024

ProTip! Advisories are also available from the GraphQL API