Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,412
Erlang
28
GitHub Actions
16
Go
1,649
Maven
4,914
npm
3,437
NuGet
594
pip
2,682
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

214,337 advisories

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress... Moderate Unreviewed
CVE-2024-2258 was published Apr 27, 2024
The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-2838 was published Apr 27, 2024
The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up... Low Unreviewed
CVE-2024-3034 was published Apr 27, 2024
By default, SANnav OVA is shipped with root user login enabled. While protected by a password,... Moderate Unreviewed
CVE-2024-2859 was published Apr 27, 2024
A vulnerability classified as critical has been found in Tenda W9 1.0.0.7(4456). Affected is the... High Unreviewed
CVE-2024-4243 was published Apr 27, 2024
A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by this... High Unreviewed
CVE-2024-4244 was published Apr 27, 2024
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is... High Unreviewed
CVE-2024-3052 was published Apr 27, 2024
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed
CVE-2024-3051 was published Apr 27, 2024
Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote attacker to run arbitrary... Unknown Unreviewed
CVE-2024-31741 was published Apr 27, 2024
SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC... Unknown Unreviewed
CVE-2024-28322 was published Apr 27, 2024
Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105... Unknown Unreviewed
CVE-2024-31551 was published Apr 27, 2024
An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an... Unknown Unreviewed
CVE-2024-30804 was published Apr 27, 2024
Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary... Unknown Unreviewed
CVE-2024-31828 was published Apr 27, 2024
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been declared as critical. This... High Unreviewed
CVE-2024-4241 was published Apr 26, 2024
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. This... High Unreviewed
CVE-2024-4240 was published Apr 26, 2024
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been rated as critical. This issue... High Unreviewed
CVE-2024-4242 was published Apr 26, 2024
A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this... High Unreviewed
CVE-2024-4239 was published Apr 26, 2024
JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions.... Unknown Unreviewed
CVE-2023-26603 was published Apr 26, 2024
A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected is... High Unreviewed
CVE-2024-4237 was published Apr 26, 2024
A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by... High Unreviewed
CVE-2024-4238 was published Apr 26, 2024
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.4 for... Unknown Unreviewed
CVE-2022-48611 was published Apr 26, 2024
Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to... Unknown Unreviewed
CVE-2024-28325 was published Apr 26, 2024
Incorrect Access Control in Asus RT-N12+ B1 routers allows local attackers to obtain root... Unknown Unreviewed
CVE-2024-28326 was published Apr 26, 2024
Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to... Unknown Unreviewed
CVE-2024-28327 was published Apr 26, 2024
An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate... Unknown Unreviewed
CVE-2024-31502 was published Apr 26, 2024
ProTip! Advisories are also available from the GraphQL API