GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,323
Composer 4,131
Erlang 29
GitHub Actions 19
Go 1,937
Maven 5,131
npm 3,676
NuGet 642
pip 3,292
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,508

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,141 advisories

Filter by severity

Sort by

Least recently updated

The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins... Critical Unreviewed

CVE-2016-15042 was published Oct 16, 2024

The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing... Critical Unreviewed

CVE-2018-25105 was published Oct 16, 2024

The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in... Critical Unreviewed

CVE-2020-36832 was published Oct 16, 2024

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a... Critical Unreviewed

CVE-2020-36837 was published Oct 16, 2024

The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions... Critical Unreviewed

CVE-2021-4443 was published Oct 16, 2024

The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File... Critical Unreviewed

CVE-2019-25213 was published Oct 16, 2024

The SiteGround Optimizer plugin for WordPress is vulnerable to authorization bypass leading to... Critical Unreviewed

CVE-2019-25217 was published Oct 16, 2024

The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file... Critical Unreviewed

CVE-2021-4449 was published Oct 16, 2024

The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed

CVE-2016-15040 was published Oct 16, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-9634 was published Oct 16, 2024

The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-9105 was published Oct 16, 2024

A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default... Critical Unreviewed

CVE-2024-9486 was published Oct 15, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... Critical Unreviewed

CVE-2024-21216 was published Oct 15, 2024

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ... Critical Unreviewed

CVE-2024-21172 was published Oct 15, 2024

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL... Critical Unreviewed

CVE-2024-48283 was published Oct 15, 2024

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing... Critical Unreviewed

CVE-2024-45274 was published Oct 15, 2024

The devices contain two hard coded user accounts with hardcoded passwords that allow an... Critical Unreviewed

CVE-2024-45275 was published Oct 15, 2024

The devices are vulnerable to session hijacking due to insufficient entropy in its session ID... Critical Unreviewed

CVE-2024-47945 was published Oct 15, 2024

Enterprise Cloud Database from Ragic does not authenticate access to specific functionality,... Critical Unreviewed

CVE-2024-9984 was published Oct 15, 2024

SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this... Critical Unreviewed

CVE-2024-9925 was published Oct 15, 2024

Enterprise Cloud Database from Ragic does not properly validate the file type for uploads.... Critical Unreviewed

CVE-2024-9985 was published Oct 15, 2024

Property Management System from ChanGate has a SQL Injection vulnerability, allowing... Critical Unreviewed

CVE-2024-9972 was published Oct 15, 2024

AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query... Critical Unreviewed

CVE-2024-9982 was published Oct 15, 2024

The device directly executes .patch firmware upgrade files on a USB stick without any prior... Critical Unreviewed

CVE-2024-47944 was published Oct 15, 2024

Local file inclusion in Automatic Systems Maintenance SlimLane... Critical Unreviewed

CVE-2024-48823 was published Oct 14, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,141 advisories