Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

4,005 advisories

Loading
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed
CVE-2024-37773 was published Dec 17, 2024
An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean... High Unreviewed
CVE-2023-35809 was published Jun 18, 2023
Multiple Sitecore products allow remote code execution. This affects Experience Manager,... Critical Unreviewed
CVE-2023-35813 was published Jun 18, 2023
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
angelej
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed
CVE-2024-55085 was published Dec 17, 2024
An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows... High Unreviewed
CVE-2024-56072 was published Dec 15, 2024
The go command may generate unexpected code at build time when using cgo. This may result in... Critical Unreviewed
CVE-2023-29402 was published Jun 8, 2023
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed
CVE-2024-21577 was published Dec 13, 2024
ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed
CVE-2024-21576 was published Dec 13, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2024-11012 was published Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12420 was published Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12421 was published Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12417 was published Dec 13, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed
CVE-2024-54529 was published Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed
CVE-2024-42448 was published Dec 12, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed
CVE-2024-12333 was published Dec 12, 2024
The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed
CVE-2024-21574 was published Dec 12, 2024
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10910 was published Dec 12, 2024
An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2024-48453 was published Dec 4, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30961 was published Dec 6, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed
CVE-2022-38946 was published Dec 9, 2024
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able... Critical Unreviewed
CVE-2023-35853 was published Jun 19, 2023
Angular Expressions - Remote Code Execution when using locals Critical
CVE-2024-54152 was published for angular-expressions (npm) Dec 10, 2024
JorianWoltjer
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database