GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,916
Maven
5,000+
npm
3,646
NuGet
638
pip
3,263
Pub
10
RubyGems
870
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,975 advisories
Filter by severity
A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified...
Moderate
Unreviewed
CVE-2024-9429
was published
Oct 2, 2024
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of...
Moderate
Unreviewed
CVE-2024-8037
was published
Oct 2, 2024
An unauthenticated remote attacker may use the devices traffic capture without authentication to...
Moderate
Unreviewed
CVE-2024-35294
was published
Oct 2, 2024
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-8505
was published
Oct 2, 2024
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8282
was published
Oct 2, 2024
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9210
was published
Oct 2, 2024
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9225
was published
Oct 2, 2024
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9172
was published
Oct 2, 2024
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content...
Moderate
Unreviewed
CVE-2024-9222
was published
Oct 2, 2024
The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN,...
Moderate
Unreviewed
CVE-2024-9344
was published
Oct 2, 2024
The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9378
was published
Oct 2, 2024
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with...
Moderate
Unreviewed
CVE-2024-9218
was published
Oct 2, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate
Unreviewed
CVE-2024-8254
was published
Oct 2, 2024
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache,...
Moderate
Unreviewed
CVE-2024-8800
was published
Oct 2, 2024
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8967
was published
Oct 2, 2024
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated...
Moderate
Unreviewed
CVE-2024-9333
was published
Oct 2, 2024
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows...
Moderate
Unreviewed
CVE-2024-9174
was published
Oct 2, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via...
Moderate
Unreviewed
CVE-2024-46079
was published
Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated...
Moderate
Unreviewed
CVE-2024-46081
was published
Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated...
Moderate
Unreviewed
CVE-2024-46083
was published
Oct 1, 2024
A vulnerability classified as problematic has been found in OFCMS 1.1.2. This affects the...
Moderate
Unreviewed
CVE-2024-9411
was published
Oct 1, 2024
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to...
Moderate
Unreviewed
CVE-2024-44610
was published
Oct 1, 2024
Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge...
Moderate
Unreviewed
CVE-2023-7273
was published
Oct 1, 2024
An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code...
Moderate
Unreviewed
CVE-2024-44744
was published
Oct 1, 2024
An incorrect limitation of a path to a restricted directory (path traversal) has been detected in...
Moderate
Unreviewed
CVE-2024-9405
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API