GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
237,510 advisories
Filter by severity
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High
Unreviewed
CVE-2024-4148
was published
Jun 1, 2024
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin...
High
Unreviewed
CVE-2024-4958
was published
Jun 1, 2024
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for...
High
Unreviewed
CVE-2024-3821
was published
Jun 1, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Uploadcare Uploadcare File Uploader and...
Moderate
Unreviewed
CVE-2024-35636
was published
Jun 1, 2024
The Elements For Elementor plugin for WordPress is vulnerable to Local File Inclusion in all...
High
Unreviewed
CVE-2024-5348
was published
Jun 1, 2024
The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of...
Critical
Unreviewed
CVE-2024-3200
was published
Jun 1, 2024
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for...
Moderate
Unreviewed
CVE-2024-2506
was published
Jun 1, 2024
The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for...
Critical
Unreviewed
CVE-2024-3820
was published
Jun 1, 2024
The QQWorld Auto Save Images plugin for WordPress is vulnerable to unauthorized access of data...
Moderate
Unreviewed
CVE-2024-1324
was published
Jun 1, 2024
The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-2295
was published
Jun 1, 2024
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2023-6382
was published
Jun 1, 2024
The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5501
was published
Jun 1, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-4087
was published
Jun 1, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-4342
was published
Jun 1, 2024
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File...
High
Unreviewed
CVE-2024-3564
was published
Jun 1, 2024
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-3565
was published
Jun 1, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for...
High
Unreviewed
CVE-2023-3758
was published
Apr 18, 2024
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong...
High
Unreviewed
CVE-2024-0409
was published
Jan 18, 2024
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The...
Moderate
Unreviewed
CVE-2023-6683
was published
Jan 12, 2024
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not...
Moderate
Unreviewed
CVE-2023-39192
was published
Oct 9, 2023
A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create()...
High
Unreviewed
CVE-2023-39198
was published
Nov 9, 2023
A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm...
Moderate
Unreviewed
CVE-2023-6176
was published
Nov 16, 2023
A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865,...
Low
Unreviewed
CVE-2024-1048
was published
Feb 6, 2024
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when...
Moderate
Unreviewed
CVE-2024-0408
was published
Jan 18, 2024
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an...
High
Unreviewed
CVE-2023-5367
was published
Oct 25, 2023
ProTip!
Advisories are also available from the
GraphQL API