GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,892
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,041
Maven 5,224
npm 3,733
NuGet 662
pip 3,414
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 238,102

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,397 advisories

Filter by severity

Sort by

Least recently updated

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed

CVE-2024-55085 was published Dec 17, 2024

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed

CVE-2024-37773 was published Dec 17, 2024

An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows... High Unreviewed

CVE-2024-56072 was published Dec 15, 2024

ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed

CVE-2024-21576 was published Dec 13, 2024

ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed

CVE-2024-21577 was published Dec 13, 2024

The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed

CVE-2024-11012 was published Dec 13, 2024

The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed

CVE-2024-12417 was published Dec 13, 2024

The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12420 was published Dec 13, 2024

The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-12421 was published Dec 13, 2024

An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an... Moderate Unreviewed

CVE-2024-55918 was published Dec 13, 2024

The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed

CVE-2024-21574 was published Dec 12, 2024

The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed

CVE-2024-12333 was published Dec 12, 2024

The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2024-10910 was published Dec 12, 2024

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed

CVE-2024-54529 was published Dec 12, 2024

From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed

CVE-2024-42448 was published Dec 12, 2024

The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for... High Unreviewed

CVE-2024-10959 was published Dec 10, 2024

Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed

CVE-2022-38946 was published Dec 9, 2024

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed

CVE-2024-55580 was published Dec 9, 2024

A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed

CVE-2024-12350 was published Dec 9, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro... Critical Unreviewed

CVE-2024-51815 was published Dec 6, 2024

Due to missing input validation during one step of the firmware update process, the product is... High Unreviewed

CVE-2024-10771 was published Dec 6, 2024

Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent.... High Unreviewed

CVE-2024-21571 was published Dec 6, 2024

The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed

CVE-2024-10909 was published Dec 6, 2024

The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed

CVE-2024-10681 was published Dec 6, 2024

Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2... High Unreviewed

CVE-2024-37862 was published Dec 6, 2024

Previous 1 2 3 4 5 … 135 136 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,397 advisories