GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,266
Erlang: 31
GitHub Actions: 21
Go: 2,041
Maven: 5,000+
npm: 3,733
NuGet: 662
pip: 3,414
Pub: 12
RubyGems: 891
Rust: 866
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
101,190 advisories
An improper validation vulnerability was reported in the firmware update mechanism of LADM and...
High
Unreviewed
CVE-2024-4762
was published
Dec 16, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack...
High
Unreviewed
CVE-2024-10095
was published
Dec 16, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-54376
was published
Dec 16, 2024
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
High
Unreviewed
CVE-2024-54279
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54257
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54249
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-54284
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-54283
was published
Dec 16, 2024
An improper certificate validation vulnerability was reported in LADM that could allow a network...
High
Unreviewed
CVE-2024-6001
was published
Dec 16, 2024
An improper parsing vulnerability was reported in the FileZ client that could allow a crafted...
High
Unreviewed
CVE-2024-8058
was published
Dec 16, 2024
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI...
High
Unreviewed
CVE-2024-52063
was published
Dec 13, 2024
XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
High
CVE-2024-55663
was published
for
org.xwiki.platform:xwiki-platform-distribution-war
(Maven)
Dec 12, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55974
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55987
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55979
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55986
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55990
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55989
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS. This...
High
Unreviewed
CVE-2024-56015
was published
Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Wovax, LLC. Wovax IDX...
High
Unreviewed
CVE-2024-56013
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ivan Ovsyannikov Aphorismus allows Stored XSS...
High
Unreviewed
CVE-2024-54429
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer...
High
Unreviewed
CVE-2024-54432
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows...
High
Unreviewed
CVE-2024-54426
was published
Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-55973
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS. This issue...
High
Unreviewed
CVE-2024-54434
was published
Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API.