GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
92,480 advisories
Filter by severity
Deserialization of Untrusted Data vulnerability in Modeltheme QRMenu Restaurant QR Menu Lite...
High
Unreviewed
CVE-2024-52445
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Buying Buddy Buying Buddy IDX CRM allows...
High
Unreviewed
CVE-2024-52446
was published
Nov 20, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-52449
was published
Nov 20, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-52450
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Aaron Robbins Post Ideas allows SQL Injection...
High
Unreviewed
CVE-2024-52451
was published
Nov 20, 2024
Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows...
High
Unreviewed
CVE-2024-52447
was published
Nov 20, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the...
High
Unreviewed
CVE-2024-10382
was published
Nov 20, 2024
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System...
High
Unreviewed
CVE-2024-52437
was published
Nov 20, 2024
Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows...
High
Unreviewed
CVE-2024-52438
was published
Nov 20, 2024
**UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL...
High
Unreviewed
CVE-2024-11494
was published
Nov 20, 2024
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2024-10899
was published
Nov 20, 2024
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized...
High
Unreviewed
CVE-2024-10855
was published
Nov 20, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High
Unreviewed
CVE-2024-48895
was published
Nov 20, 2024
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2...
High
Unreviewed
CVE-2024-44308
was published
Nov 20, 2024
In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write....
High
Unreviewed
CVE-2018-9466
was published
Nov 20, 2024
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44307
was published
Nov 20, 2024
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44306
was published
Nov 20, 2024
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing...
High
Unreviewed
CVE-2018-9419
was published
Nov 20, 2024
In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a...
High
Unreviewed
CVE-2018-9428
was published
Nov 20, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there...
High
Unreviewed
CVE-2018-9432
was published
Nov 20, 2024
In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper...
High
Unreviewed
CVE-2018-9417
was published
Nov 20, 2024
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a...
High
Unreviewed
CVE-2018-9424
was published
Nov 20, 2024
In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing...
High
Unreviewed
CVE-2018-9411
was published
Nov 20, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to...
High
Unreviewed
CVE-2024-11395
was published
Nov 19, 2024
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a...
High
Unreviewed
CVE-2024-45419
was published
Nov 19, 2024
ProTip!
Advisories are also available from the
GraphQL API