Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

904 advisories

Loading
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2024-11012 was published Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12421 was published Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12417 was published Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12420 was published Dec 13, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed
CVE-2024-12333 was published Dec 12, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed
CVE-2024-10681 was published Dec 6, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-10909 was published Dec 6, 2024
The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-11002 was published Nov 26, 2024
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed
CVE-2024-10262 was published Nov 16, 2024
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute... Moderate Unreviewed
CVE-2024-51330 was published Nov 15, 2024
dom-iterator code execution vulnerability Moderate
CVE-2024-21541 was published for dom-iterator (npm) Nov 13, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed
CVE-2024-8069 was published Nov 12, 2024
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6... Moderate Unreviewed
CVE-2024-46965 was published Nov 11, 2024
Langflow vulnerable to remote code execution Moderate
CVE-2024-48061 was published for langflow (pip) Nov 5, 2024
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the... Moderate Unreviewed
CVE-2024-10505 was published Oct 30, 2024
CycloneDX cdxgen may execute code contained within build-related files Moderate
CVE-2024-50611 was published for @cyclonedx/cdxgen (npm) Oct 28, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed
CVE-2024-48236 was published Oct 26, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of... Moderate Unreviewed
CVE-2024-48235 was published Oct 26, 2024
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and... Moderate Unreviewed
CVE-2024-20485 was published Oct 23, 2024
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow... Moderate Unreviewed
CVE-2024-41712 was published Oct 21, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business... Moderate Unreviewed
CVE-2024-35315 was published Oct 21, 2024
An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed
CVE-2024-27766 was published Oct 18, 2024
Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated... Moderate Unreviewed
CVE-2023-39593 was published Oct 18, 2024
Flair allows arbitrary code execution Moderate
CVE-2024-10073 was published for flair (pip) Oct 17, 2024
m3t3kh4n
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database