GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,572 advisories
Filter by severity
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for...
Critical
Unreviewed
CVE-2024-52376
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies...
Critical
Unreviewed
CVE-2024-52379
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots,...
Critical
Unreviewed
CVE-2024-52384
was published
Nov 14, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove...
Critical
Unreviewed
CVE-2024-52393
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer...
Critical
Unreviewed
CVE-2024-52372
was published
Nov 14, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege...
Critical
Unreviewed
CVE-2024-52382
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery...
Critical
Unreviewed
CVE-2024-52373
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator...
Critical
Unreviewed
CVE-2024-52377
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize...
Critical
Unreviewed
CVE-2024-52380
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3501
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3502
was published
Nov 14, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows...
Critical
Unreviewed
CVE-2024-3379
was published
Nov 14, 2024
A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method...
Critical
Unreviewed
CVE-2024-4343
was published
Nov 14, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to...
Critical
Unreviewed
CVE-2024-37285
was published
Nov 14, 2024
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion...
Critical
Unreviewed
CVE-2024-10571
was published
Nov 14, 2024
Unchecked return value can allow Apache Traffic Server to retain privileges on startup.
This...
Critical
Unreviewed
CVE-2024-50306
was published
Nov 14, 2024
The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable...
Critical
Unreviewed
CVE-2024-11028
was published
Nov 13, 2024
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability...
Critical
Unreviewed
CVE-2024-8938
was published
Nov 13, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical
Unreviewed
CVE-2024-11150
was published
Nov 13, 2024
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when...
Critical
Unreviewed
CVE-2024-10575
was published
Nov 13, 2024
The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-10820
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti...
Critical
Unreviewed
CVE-2024-38656
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39712
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39711
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy...
Critical
Unreviewed
CVE-2024-39710
was published
Nov 13, 2024
ProTip!
Advisories are also available from the
GraphQL API