Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

132,396 advisories

Loading
A valid set of credentials in a .js file and a static token for communication were obtained from... Moderate Unreviewed
CVE-2024-53683 was published Jan 17, 2025
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to... Moderate Unreviewed
CVE-2024-26156 was published Jan 17, 2025
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text... Moderate Unreviewed
CVE-2024-26155 was published Jan 17, 2025
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to... Moderate Unreviewed
CVE-2024-26154 was published Jan 17, 2025
The /rest/rights/ REST API endpoint in Becon DATAGerry through 2.2.0 contains an Incorrect Access... Moderate Unreviewed
CVE-2024-50967 was published Jan 17, 2025
A vulnerability classified as critical was found in code-projects Admission Management System 1.0... Moderate Unreviewed
CVE-2025-0527 was published Jan 17, 2025
A vulnerability, which was classified as critical, was found in code-projects Train Ticket... Moderate Unreviewed
CVE-2025-0529 was published Jan 17, 2025
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability... Moderate Unreviewed
CVE-2024-10498 was published Jan 17, 2025
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel... Moderate Unreviewed
CVE-2024-12399 was published Jan 17, 2025
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13378 was published Jan 17, 2025
The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2024-12370 was published Jan 17, 2025
The Proofreading plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-12466 was published Jan 17, 2025
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability... Moderate Unreviewed
CVE-2024-11139 was published Jan 17, 2025
The RSS Icon Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-12203 was published Jan 17, 2025
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12598 was published Jan 17, 2025
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-12637 was published Jan 17, 2025
The quote-posttype-plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13386 was published Jan 17, 2025
The Sandbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability... Moderate Unreviewed
CVE-2024-13367 was published Jan 17, 2025
The Glofox Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12508 was published Jan 17, 2025
The Sandbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'debug'... Moderate Unreviewed
CVE-2024-13366 was published Jan 17, 2025
The Payment Button for PayPal plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-13401 was published Jan 17, 2025
The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-10799 was published Jan 17, 2025
The Checkout for PayPal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-13398 was published Jan 17, 2025
The WP Inventory Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13434 was published Jan 17, 2025
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on... Moderate Unreviewed
CVE-2024-52363 was published Jan 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database