GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
108,778 advisories
Filter by severity
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from...
Moderate
Unreviewed
CVE-2023-51375
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event...
Moderate
Unreviewed
CVE-2024-5059
was published
Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects...
Moderate
Unreviewed
CVE-2024-37227
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page.This issue...
Moderate
Unreviewed
CVE-2024-37230
was published
Jun 21, 2024
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter...
Moderate
Unreviewed
CVE-2024-6239
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35760
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35757
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35758
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35759
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35768
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35764
was published
Jun 21, 2024
Improper Input Validation vulnerability in ABB 800xA Base.
An attacker who successfully exploited...
Moderate
Unreviewed
CVE-2024-3036
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35774
was published
Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix loop termination...
Moderate
Unreviewed
CVE-2024-36288
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35769
was published
Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Allow delete from...
Moderate
Unreviewed
CVE-2024-38662
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35779
was published
Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
tracing/probes: fix error...
Moderate
Unreviewed
CVE-2024-36481
was published
Jun 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
dma-buf/sw-sync: don't...
Moderate
Unreviewed
CVE-2024-38780
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-5058
was published
Jun 21, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6225
was published
Jun 21, 2024
The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type...
Moderate
Unreviewed
CVE-2024-5945
was published
Jun 21, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5859
was published
Jun 21, 2024
events2 TYPO3 extension insecure direct object reference (IDOR) vulnerability
Moderate
CVE-2024-38874
was published
for
jweiland/events2
(Composer)
Jun 21, 2024
FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass
Moderate
CVE-2024-38873
was published
for
studiomitte/friendlycaptcha
(Composer)
Jun 21, 2024
ProTip!
Advisories are also available from the
GraphQL API