GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,162
Composer 4,090
Erlang 29
GitHub Actions 19
Go 1,915
Maven 5,108
npm 3,646
NuGet 638
pip 3,262
Pub 10
RubyGems 870
Rust 821
Swift 35

Unreviewed advisories

All unreviewed 229,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,797 advisories

Filter by severity

Sort by

Least recently updated

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed

CVE-2024-8254 was published Oct 2, 2024

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code... Moderate Unreviewed

CVE-2024-44744 was published Oct 1, 2024

In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows... Moderate Unreviewed

CVE-2024-45200 was published Sep 30, 2024

A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical.... Moderate Unreviewed

CVE-2024-9324 was published Sep 29, 2024

mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises... High Unreviewed

CVE-2024-6983 was published Sep 27, 2024

Remote command execution in promptr High

CVE-2024-46489 was published for @ifnotnowwhen/promptr (npm) Sep 25, 2024

The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2024-8481 was published Sep 25, 2024

The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2024-8623 was published Sep 24, 2024

A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute... High Unreviewed

CVE-2024-46639 was published Sep 23, 2024

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ... Moderate Unreviewed

CVE-2024-37779 was published Sep 23, 2024

A condition exists in FlashArray Purity whereby an user with array admin role can execute... Critical Unreviewed

CVE-2024-0004 was published Sep 23, 2024

An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and... High Unreviewed

CVE-2024-40442 was published Sep 23, 2024

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection. Unknown Unreviewed

CVE-2024-47219 was published Sep 22, 2024

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although... Critical Unreviewed

CVE-2024-46640 was published Sep 20, 2024

SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php. Critical Unreviewed

CVE-2024-46103 was published Sep 20, 2024

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected... Moderate Unreviewed

CVE-2024-9006 was published Sep 20, 2024

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed

CVE-2024-40125 was published Sep 19, 2024

sqlitedict insecure deserialization vulnerability High

CVE-2024-35515 was published for sqlitedict (pip) Sep 18, 2024

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code... High Unreviewed

CVE-2024-44623 was published Sep 16, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww... Critical Unreviewed

CVE-2024-7104 was published Sep 16, 2024

A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7.... Moderate Unreviewed

CVE-2024-8880 was published Sep 16, 2024

Composio Code Injection Vulnerability Moderate

CVE-2024-8864 was published for composio-core (pip) Sep 16, 2024

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-8271 was published Sep 16, 2024

The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2024-8479 was published Sep 16, 2024

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker... Critical Unreviewed

CVE-2024-44430 was published Sep 13, 2024

Previous 1 2 3 4 5 … 151 152 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,797 advisories