GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,448

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

21,027 advisories

Filter by severity

Sort by

Least recently updated

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-12877 was published Jan 11, 2025

An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker... Critical Unreviewed

CVE-2025-0103 was published Jan 11, 2025

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32... Critical Unreviewed

CVE-2025-22376 was published Jan 4, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed

CVE-2024-12847 was published Jan 10, 2025

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation... Critical Unreviewed

CVE-2024-13279 was published Jan 9, 2025

Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing... Critical Unreviewed

CVE-2024-13280 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13281 was published Jan 9, 2025

An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in... Critical Unreviewed

CVE-2024-57687 was published Jan 10, 2025

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call... Critical Unreviewed

CVE-2023-28354 was published Jan 10, 2025

Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource... Critical Unreviewed

CVE-2024-13242 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows... Critical Unreviewed

CVE-2024-13258 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows... Critical Unreviewed

CVE-2024-13253 was published Jan 9, 2025

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')... Critical Unreviewed

CVE-2024-13264 was published Jan 9, 2025

Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: *.*. Critical Unreviewed

CVE-2024-13285 was published Jan 9, 2025

Memory corruption in Core Services while executing the command for removing a single event listener. Critical Unreviewed

CVE-2023-28578 was published Mar 4, 2024

Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13277 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue... Critical Unreviewed

CVE-2024-13278 was published Jan 9, 2025

Improper Authorization vulnerability in Drupal Open Social allows Collect Data from Common... Critical Unreviewed

CVE-2024-13241 was published Jan 9, 2025

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication... Critical Unreviewed

CVE-2024-13239 was published Jan 9, 2025

Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake. Critical Unreviewed

CVE-2023-28582 was published Mar 4, 2024

An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... Critical Unreviewed

CVE-2024-1626 was published Apr 16, 2024

lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed

CVE-2024-1741 was published Apr 10, 2024

In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI... Critical Unreviewed

CVE-2024-57823 was published Jan 10, 2025

A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in... Critical Unreviewed

CVE-2024-57686 was published Jan 10, 2025

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker... Critical Unreviewed

CVE-2024-41787 was published Jan 10, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,027 advisories