Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

98,989 advisories

Loading
The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed
CVE-2024-10020 was published Nov 6, 2024
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress... High Unreviewed
CVE-2024-9946 was published Nov 6, 2024
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command... High Unreviewed
CVE-2024-47461 was published Nov 6, 2024
An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line... High Unreviewed
CVE-2024-47463 was published Nov 6, 2024
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for... High Unreviewed
CVE-2024-10028 was published Nov 6, 2024
An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line... High Unreviewed
CVE-2024-47462 was published Nov 6, 2024
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed
CVE-2024-7995 was published Nov 5, 2024
Waybox Enel X web management API authentication could be bypassed and provide administrator’s... High Unreviewed
CVE-2023-29117 was published Nov 5, 2024
Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2024-49522 was published Nov 5, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware... High Unreviewed
CVE-2024-9579 was published Nov 5, 2024
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were... High Unreviewed
CVE-2024-52022 was published Nov 5, 2024
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52018 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52021 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52020 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52019 was published Nov 5, 2024
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a... High Unreviewed
CVE-2024-51021 was published Nov 5, 2024
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-51024 was published Nov 5, 2024
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-51023 was published Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were... High Unreviewed
CVE-2024-51010 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51009 was published Nov 5, 2024
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51008 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51005 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-50993 was published Nov 5, 2024
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-10263 was published Nov 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database