Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,435 advisories

Loading
Unrestricted Upload of File with Dangerous Type vulnerability in Webful Creations Computer Repair... Critical Unreviewed
CVE-2024-51793 was published Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms allows Upload a... Critical Unreviewed
CVE-2024-51791 was published Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Wolfe The Novel Design... Critical Unreviewed
CVE-2024-51788 was published Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify allows... Critical Unreviewed
CVE-2024-51789 was published Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Dang Ngoc Binh Audio Record... Critical Unreviewed
CVE-2024-51792 was published Nov 11, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team HB WEBSOL HB AUDIO GALLERY... Critical Unreviewed
CVE-2024-51790 was published Nov 11, 2024
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all... Critical Unreviewed
CVE-2024-10871 was published Nov 9, 2024
The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for... Critical Unreviewed
CVE-2024-10508 was published Nov 9, 2024
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-10547 was published Nov 9, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2024-10589 was published Nov 9, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed
CVE-2024-10801 was published Nov 9, 2024
The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is... Critical Unreviewed
CVE-2024-10470 was published Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-10625 was published Nov 9, 2024
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-10627 was published Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2024-10284 was published Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the... Critical Unreviewed
CVE-2024-10285 was published Nov 9, 2024
The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing... Critical Unreviewed
CVE-2024-10586 was published Nov 9, 2024
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It... Critical Unreviewed
CVE-2024-10915 was published Nov 6, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows... Critical Unreviewed
CVE-2024-51567 was published Oct 30, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the... Critical Unreviewed
CVE-2024-50966 was published Nov 8, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
An unauthenticated attacker with access to the local network of the medical office can use known... Critical Unreviewed
CVE-2024-50588 was published Nov 8, 2024
The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)... Critical Unreviewed
CVE-2020-8007 was published Nov 8, 2024
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP... Critical Unreviewed
CVE-2019-20461 was published Nov 7, 2024
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface... Critical Unreviewed
CVE-2019-20457 was published Nov 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database