GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,763 advisories
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access...
Moderate | Unreviewed | CVE-2024-23588 was published Jul 5, 2024

A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter...
Moderate | Unreviewed | CVE-2024-6526 was published Jul 5, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. It...
Moderate | Unreviewed | CVE-2024-6525 was published Jul 5, 2024

A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio...
Moderate | Unreviewed | CVE-2024-6505 was published Jul 5, 2024

The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5544 was published Jul 2, 2024

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-5545 was published Jul 2, 2024

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss...
Moderate | Unreviewed | CVE-2024-5860 was published Jun 18, 2024

The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of...
Moderate | Unreviewed | CVE-2024-4094 was published Jun 18, 2024

The Boot Store theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’...
Moderate | Unreviewed | CVE-2024-5938 was published Jul 2, 2024

The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to,...
Moderate | Unreviewed | CVE-2024-5533 was published Jun 18, 2024

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-1634 was published Jun 18, 2024

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-6523 was published Jul 5, 2024

A vulnerability was found in ShopXO up to 6.1.0. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2024-6524 was published Jul 5, 2024

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for...
Moderate | Unreviewed | CVE-2024-35976 was published May 20, 2024

Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS. This issue...
Moderate | Unreviewed | CVE-2024-37474 was published Jul 4, 2024

A vulnerability classified as problematic was found in y_project RuoYi up to 4.7.9. Affected by...
Moderate | Unreviewed | CVE-2024-6511 was published Jul 4, 2024

Cross Site Scripting (XSS) vulnerability in Automattic Newspack Campaigns allows Stored XSS. This...
Moderate | Unreviewed | CVE-2024-37476 was published Jul 4, 2024

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor...
Moderate | Unreviewed | CVE-2024-22277 was published Jul 4, 2024

Improper Authentication vulnerability in the mobile monitoring feature of ICONICS GENESIS64...
Moderate | Unreviewed | CVE-2024-1573 was published Jul 4, 2024

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability...
Moderate | Unreviewed | CVE-2024-1574 was published Jul 4, 2024

A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected...
Moderate | Unreviewed | CVE-2024-31486 was published May 14, 2024

An attacker with admin access can install rogue applications. As for the affected products/models...
Moderate | Unreviewed | CVE-2024-27180 was published Jun 14, 2024

Toshiba printers provide a web interface that will load the JavaScript file. The file contains...
Moderate | Unreviewed | CVE-2024-27162 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate | Unreviewed | CVE-2024-27160 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate | Unreviewed | CVE-2024-27159 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.