Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,571 advisories

Loading
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote... High Unreviewed
CVE-2024-41766 was published Jan 4, 2025
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL... High Unreviewed
CVE-2024-41767 was published Jan 4, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object... High Unreviewed
CVE-2024-10957 was published Jan 4, 2025
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions... High Unreviewed
CVE-2024-10932 was published Jan 4, 2025
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component... High Unreviewed
CVE-2024-35365 was published Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in Currency.php file High
CVE-2024-56409 was published for phpoffice/phpspreadsheet (Composer) Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in the Accounting.php file High
CVE-2024-56366 was published for phpoffice/phpspreadsheet (Composer) Jan 3, 2025
PhpSpreadsheet allows unauthorized Reflected XSS in the constructor of the Downloader class High
CVE-2024-56365 was published for phpoffice/phpspreadsheet (Composer) Jan 3, 2025
SiYuan has an arbitrary file deletion vulnerability High
CVE-2025-21609 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 3, 2025
N0el4kLs
Karmada PULL Mode Cluster Privilege Escalation High
CVE-2024-56513 was published for github.com/karmada-io/karmada (Go) Jan 3, 2025
zhzhuang-zju RainbowMango
PhpSpreadsheet allows unauthorized Reflected XSS in `Convert-Online.php` file High
CVE-2024-56408 was published for phpoffice/phpspreadsheet (Composer) Jan 3, 2025
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high... High Unreviewed
CVE-2024-9138 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-47032 was published Jan 3, 2025
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-53837 was published Jan 3, 2025
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out... High Unreviewed
CVE-2024-53838 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read... High Unreviewed
CVE-2024-53834 was published Jan 3, 2025
In multiple locations, there is a possible way to avoid unbinding of a service from the system... High Unreviewed
CVE-2024-43762 was published Jan 3, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43097 was published Jan 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database