GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4,119 advisories

Mongoose search injection vulnerability Critical
CVE-2025-23061 was published for mongoose (npm) Jan 15, 2025
skrtheboss
An improper neutralization of special elements used in a template engine [CWE-1336] in... Moderate Unreviewed
CVE-2023-47542 was published Apr 9, 2024
LlamaIndex includes an exec call for `import {cls_name}` Critical
CVE-2024-45201 was published for llama-index-core (pip) Aug 22, 2024
Apache Airflow has DAG Author Code Execution possibility in airflow-scheduler High
CVE-2024-39877 was published for apache-airflow (pip) Jul 17, 2024
PaddlePaddle vulnerable to remote code execution Critical
CVE-2024-0917 was published for paddlepaddle (pip) Mar 7, 2024
Langflow remote code execution vulnerability High
CVE-2024-37014 was published for langflow (pip) Jun 10, 2024
XWiki Platform: Remote code execution as guest via DatabaseSearch Critical
CVE-2024-31982 was published for org.xwiki.platform:xwiki-platform-search-ui (Maven) Apr 10, 2024
XWiki Platform: Remote code execution through space title and Solr space facet Critical
CVE-2024-31984 was published for org.xwiki.platform:xwiki-platform-search-solr-ui (Maven) Apr 10, 2024
TorchGeo Remote Code Execution Vulnerability High
CVE-2024-49048 was published for torchgeo (pip) Nov 12, 2024
Craft CMS has a potential RCE with a compromised security key High
CVE-2025-23209 was published for craftcms/cms (Composer) Jan 21, 2025
Duplicate Advisory: openCart Server-Side Template Injection (SSTI) vulnerability High
GHSA-j2v2-3784-vr44 was published for opencart/opencart (Composer) Dec 18, 2024 withdrawn