GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,975
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,057
Maven 5,238
npm 3,742
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,425

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,946 advisories

Filter by severity

Sort by

Least recently updated

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote... Critical Unreviewed

CVE-2024-7024 was published Sep 24, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Webdeclic WPMasterToolKit allows... Critical Unreviewed

CVE-2024-56249 was published Jan 2, 2025

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a ... Critical Unreviewed

CVE-2024-56829 was published Jan 2, 2025

The Electronic Official Document Management System from 2100 Technology has an Authentication... Critical Unreviewed

CVE-2024-13061 was published Dec 31, 2024

SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function... Critical Unreviewed

CVE-2024-55461 was published Dec 19, 2024

oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid... Critical Unreviewed

CVE-2024-56431 was published Dec 25, 2024

SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at... Critical Unreviewed

CVE-2024-50713 was published Dec 27, 2024

A potential security vulnerability has been identified for certain HP multifunction printers ... Critical Unreviewed

CVE-2023-1329 was published Jun 14, 2023

The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API... Critical Unreviewed

CVE-2024-11972 was published Dec 31, 2024

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a... Critical Unreviewed

CVE-2024-54983 was published Dec 20, 2024

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted... Critical Unreviewed

CVE-2024-54984 was published Dec 20, 2024

An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass... Critical Unreviewed

CVE-2024-54982 was published Dec 20, 2024

Incorrect Privilege Assignment vulnerability in VibeThemes WPLMS allows Privilege Escalation.This... Critical Unreviewed

CVE-2024-56043 was published Dec 31, 2024

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... Critical Unreviewed

CVE-2024-56045 was published Dec 31, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows... Critical Unreviewed

CVE-2024-56044 was published Dec 31, 2024

Incorrect Privilege Assignment vulnerability in VibeThemes VibeBP allows Privilege Escalation... Critical Unreviewed

CVE-2024-56040 was published Dec 31, 2024

Missing Authorization vulnerability in Inspry Agency Toolkit allows Privilege Escalation.This... Critical Unreviewed

CVE-2024-56066 was published Dec 31, 2024

Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue... Critical Unreviewed

CVE-2024-56205 was published Dec 31, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-56039 was published Dec 31, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a... Critical Unreviewed

CVE-2024-56046 was published Dec 31, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-56042 was published Dec 31, 2024

Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows... Critical Unreviewed

CVE-2024-56071 was published Dec 31, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows... Critical Unreviewed

CVE-2024-56064 was published Dec 31, 2024

Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible... Critical Unreviewed

CVE-2024-1297 was published Feb 20, 2024

In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP... Critical Unreviewed

CVE-2024-12106 was published Dec 31, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,946 advisories