Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,983 advisories

Loading
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed
CVE-2024-21577 was published Dec 13, 2024
ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed
CVE-2024-21576 was published Dec 13, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2024-11012 was published Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12421 was published Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12417 was published Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12420 was published Dec 13, 2024
The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed
CVE-2024-21574 was published Dec 12, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed
CVE-2024-12333 was published Dec 12, 2024
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10910 was published Dec 12, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed
CVE-2024-54529 was published Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed
CVE-2024-42448 was published Dec 12, 2024
Angular Expressions - Remote Code Execution when using locals Critical
CVE-2024-54152 was published for angular-expressions (npm) Dec 10, 2024
JorianWoltjer
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for... High Unreviewed
CVE-2024-10959 was published Dec 10, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed
CVE-2022-38946 was published Dec 9, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro... Critical Unreviewed
CVE-2024-51815 was published Dec 6, 2024
Due to missing input validation during one step of the firmware update process, the product is... High Unreviewed
CVE-2024-10771 was published Dec 6, 2024
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent.... High Unreviewed
CVE-2024-21571 was published Dec 6, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed
CVE-2024-10681 was published Dec 6, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-10909 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2... High Unreviewed
CVE-2024-37862 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30963 was published Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30961 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database