Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243,182 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-10676 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-50524 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-50539 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51619 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51620 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51621 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51607 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51625 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51784 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51782 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51783 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51787 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51786 was published Nov 9, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable... Moderate Unreviewed
CVE-2024-51785 was published Nov 9, 2024
The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to... Moderate Unreviewed
CVE-2024-10688 was published Nov 9, 2024
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9874 was published Nov 9, 2024
The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all... Critical Unreviewed
CVE-2024-10871 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51602 was published Nov 9, 2024
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-10547 was published Nov 9, 2024
The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-10683 was published Nov 9, 2024
The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2024-10589 was published Nov 9, 2024
The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due... Critical Unreviewed
CVE-2024-10801 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51579 was published Nov 9, 2024
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More... Moderate Unreviewed
CVE-2024-10876 was published Nov 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-51570 was published Nov 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database