GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 73
GitHub Actions: 53
Go: 4,004
Maven: 5,000+
npm: 5,000+
NuGet: 974
pip: 5,000+
Pub: 13
RubyGems: 1,069
Rust: 1,395
Swift: 61

Unreviewed advisories
All unreviewed: 5,000+
30,740 advisories
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7...
Critical | Unreviewed | CVE-2023-40051 was published Jan 18, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-5806 was published Jan 18, 2024

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow...
Critical | Unreviewed | CVE-2024-22317 was published Jan 18, 2024

Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka...
Critical | Unreviewed | CVE-2023-44077 was published Jan 17, 2024

Blind SQL injection in shopware
Critical | CVE-2024-22406 was published for shopware/core (Composer) Jan 17, 2024

Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This...
Critical | Unreviewed | CVE-2024-0642 was published Jan 17, 2024

Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product,...
Critical | Unreviewed | CVE-2024-0643 was published Jan 17, 2024

The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to,...
Critical | Unreviewed | CVE-2021-4434 was published Jan 17, 2024

In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin...
Critical | Unreviewed | CVE-2024-22916 was published Jan 17, 2024

An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator...
Critical | Unreviewed | CVE-2023-39691 was published Jan 17, 2024

An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows...
Critical | Unreviewed | CVE-2023-52042 was published Jan 17, 2024

An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary...
Critical | Unreviewed | CVE-2023-52041 was published Jan 16, 2024

A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware...
Critical | Unreviewed | CVE-2023-49351 was published Jan 16, 2024

The GiveWP WordPress plugin before 2.24.1 does not properly escape user input before it reaches...
Critical | Unreviewed | CVE-2023-0224 was published Jan 16, 2024

The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in...
Critical | Unreviewed | CVE-2022-1609 was published Jan 16, 2024

The WordPress Database Administrator WordPress plugin through 1.0.3 does not properly sanitise...
Critical | Unreviewed | CVE-2023-3211 was published Jan 16, 2024

Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability...
Critical | Unreviewed | CVE-2023-52103 was published Jan 16, 2024

The DownloadProviderMain module has a vulnerability in API permission verification. Successful...
Critical | Unreviewed | CVE-2023-52106 was published Jan 16, 2024

Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious...
Critical | Unreviewed | CVE-2023-34063 was published Jan 16, 2024

Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this...
Critical | Unreviewed | CVE-2023-52101 was published Jan 16, 2024

Summary of Vulnerability: A template injection vulnerability on older versions of Confluence Data...
Critical | Unreviewed | CVE-2023-22527 was published Jan 16, 2024

The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of...
Critical | Unreviewed | CVE-2023-6049 was published Jan 15, 2024

The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers...
Critical | Unreviewed | CVE-2023-6623 was published Jan 15, 2024

pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign...
Critical | Unreviewed | CVE-2020-36770 was published Jan 15, 2024

Intumit inc. SmartRobot's web framework has a remote code execution vulnerability. An unauthorized...
Critical | Unreviewed | CVE-2024-0552 was published Jan 15, 2024

ProTip! Advisories are also available from the GraphQL API