Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,253
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,725
NuGet
662
pip
3,402
Pub
12
RubyGems
890
Rust
861
Swift
36
Unreviewed advisories
All unreviewed
5,000+

257,479 advisories

Loading
shared_preferences_android vulnerability Low
GHSA-3hpf-ff72-j67p was published for shared_preferences_android (Pub) Dec 6, 2024
oskar-zeinomahmalat-sonarsource reidbaker
stuartmorgan
Multiple access control vulnerabilities in Unifiedtransform version 2.0 and potentially earlier... Moderate Unreviewed
CVE-2024-12306 was published Dec 9, 2024
A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially... Moderate Unreviewed
CVE-2024-12307 was published Dec 9, 2024
An object-level access control vulnerability in Unifiedtransform version 2.0 and potentially... Moderate Unreviewed
CVE-2024-12305 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53282 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53285 was published Dec 9, 2024
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-12358 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53284 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53281 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53283 was published Dec 9, 2024
A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-12359 was published Dec 9, 2024
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has... Moderate Unreviewed
CVE-2024-12360 was published Dec 9, 2024
The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings... Unknown Unreviewed
CVE-2024-9651 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53279 was published Dec 9, 2024
A vulnerability was found in SourceCodester Best House Rental Management System 1.0 and... Moderate Unreviewed
CVE-2024-12357 was published Dec 9, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-53280 was published Dec 9, 2024
Doorkeeper Improper Authentication vulnerability Moderate
CVE-2023-34246 was published for doorkeeper (RubyGems) Jun 12, 2023
hickford rgammans
adam-h nbudin nbulaj
Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and... Unknown Unreviewed
CVE-2024-55578 was published Dec 9, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An... High Unreviewed
CVE-2024-55579 was published Dec 9, 2024
A vulnerability has been found in SourceCodester Phone Contact Manager System 1.0 and classified... Moderate Unreviewed
CVE-2024-12355 was published Dec 9, 2024
nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. Unknown Unreviewed
CVE-2024-55565 was published Dec 9, 2024
Oxide before 6 has unencrypted Control Plane datastores. Moderate Unreviewed
CVE-2024-55582 was published Dec 9, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester Phone... Moderate Unreviewed
CVE-2024-12353 was published Dec 9, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database