GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
100,773 advisories
Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows...
Moderate | Unreviewed | CVE-2024-20893 was published Jul 2, 2024

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1...
Moderate | Unreviewed | CVE-2024-20894 was published Jul 2, 2024

Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair...
Moderate | Unreviewed | CVE-2024-20889 was published Jul 2, 2024

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-4375 was published Jun 18, 2024

Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This...
Moderate | Unreviewed | CVE-2024-3707 was published Apr 12, 2024

The Lightbox & Modal Popup WordPress Plugin WordPress plugin before 2.7.28, foobox-image...
Moderate | Unreviewed | CVE-2024-3276 was published Jun 18, 2024

The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-5504 was published Jul 2, 2024

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-3513 was published Jul 2, 2024

The PDF Viewer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-0845 was published Jun 18, 2024

Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This...
Moderate | Unreviewed | CVE-2024-3706 was published Apr 12, 2024

A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio...
Moderate | Unreviewed | CVE-2024-6505 was published Jul 5, 2024

HCL Nomad server on Domino fails to properly handle users configured with limited Domino access...
Moderate | Unreviewed | CVE-2024-23588 was published Jul 5, 2024

A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter...
Moderate | Unreviewed | CVE-2024-6526 was published Jul 5, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20230922. It...
Moderate | Unreviewed | CVE-2024-6525 was published Jul 5, 2024

The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5544 was published Jul 2, 2024

The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-5545 was published Jul 2, 2024

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss...
Moderate | Unreviewed | CVE-2024-5860 was published Jun 18, 2024

The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of...
Moderate | Unreviewed | CVE-2024-4094 was published Jun 18, 2024

The Boot Store theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’...
Moderate | Unreviewed | CVE-2024-5938 was published Jul 2, 2024

The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to,...
Moderate | Unreviewed | CVE-2024-5533 was published Jun 18, 2024

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-1634 was published Jun 18, 2024

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-6523 was published Jul 5, 2024

A vulnerability was found in ShopXO up to 6.1.0. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2024-6524 was published Jul 5, 2024

In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for...
Moderate | Unreviewed | CVE-2024-35976 was published May 20, 2024

Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS. This issue...
Moderate | Unreviewed | CVE-2024-37474 was published Jul 4, 2024
ProTip! Advisories are also available from the GraphQL API.