GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,248
Erlang: 31
GitHub Actions: 21
Go: 2,016
Maven: 5,000+
npm: 3,721
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 852
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
109,403 advisories
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface...
Moderate | Unreviewed | CVE-2024-51772 was published Dec 3, 2024

A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management...
Moderate | Unreviewed | CVE-2024-51773 was published Dec 3, 2024

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote...
Moderate | Unreviewed | CVE-2024-53672 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to cross-site request forgery...
Moderate | Unreviewed | CVE-2024-41776 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 is vulnerable to malicious file upload by...
Moderate | Unreviewed | CVE-2024-25020 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 uses weaker than expected cryptographic algorithms that...
Moderate | Unreviewed | CVE-2024-41775 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload...
Moderate | Unreviewed | CVE-2024-45676 was published Dec 3, 2024

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing...
Moderate | Unreviewed | CVE-2024-52548 was published Dec 3, 2024

An unauthenticated attacker can perform a null pointer dereference in the DHIP Service (UDP port...
Moderate | Unreviewed | CVE-2024-52546 was published Dec 3, 2024

An unauthenticated attacker can perform an out of bounds heap read in the IQ Service (TCP port...
Moderate | Unreviewed | CVE-2024-52545 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access...
Moderate | Unreviewed | CVE-2024-25036 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not...
Moderate | Unreviewed | CVE-2024-25019 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker...
Moderate | Unreviewed | CVE-2024-25035 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2021-29892 was published Dec 3, 2024

The Goodlayers Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2024-11200 was published Dec 3, 2024

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through...
Moderate | Unreviewed | CVE-2024-9978 was published Dec 3, 2024

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
Moderate | Unreviewed | CVE-2024-12082 was published Dec 3, 2024

InDesign Desktop versions 19.0, 20.0 and earlier are affected by an out-of-bounds read...
Moderate | Unreviewed | CVE-2024-49529 was published Dec 3, 2024

The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2024-11782 was published Dec 3, 2024

The Charity Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all...
Moderate | Unreviewed | CVE-2024-12062 was published Dec 3, 2024

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross...
Moderate | Unreviewed | CVE-2024-11326 was published Dec 3, 2024

The AWeber Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate | Unreviewed | CVE-2024-11325 was published Dec 3, 2024

The BMLT Tabbed Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-11866 was published Dec 3, 2024

The BP Profile Shortcodes Extra plugin for WordPress is vulnerable to time-based SQL Injection...
Moderate | Unreviewed | CVE-2024-11732 was published Dec 3, 2024

The IdeaPush plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate | Unreviewed | CVE-2024-11844 was published Dec 3, 2024
ProTip! Advisories are also available from the GraphQL API