GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
754 advisories
Vulnerability in the Oracle Communications Converged Application Server product of Oracle...
Critical, Unreviewed: CVE-2023-21890 was published Jan 18, 2023

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker...
Critical, Unreviewed: CVE-2024-44430 was published Sep 13, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww...
Critical, Unreviewed: CVE-2024-7104 was published Sep 16, 2024

Eve allows execution of arbitrary code
Critical: CVE-2018-8097 was published for eve (pip) Jul 12, 2018

graphite-web is vulnerable to Remote Code Execution via renderLocalView function
Critical: CVE-2013-5093 was published for graphite-web (pip) May 17, 2022

graphite-web is vulnerable to Remote Code Execution
Critical: CVE-2013-5942 was published for graphite-web (pip) May 17, 2022

ipycache is vulnerable to Code Injection
Critical: CVE-2019-7539 was published for ipycache (pip) Mar 25, 2019

An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted...
Critical, Unreviewed: CVE-2023-44011 was published Oct 3, 2023

A condition exists in FlashArray Purity whereby an user with array admin role can execute...
Critical, Unreviewed: CVE-2024-0004 was published Sep 23, 2024

SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
Critical, Unreviewed: CVE-2024-46103 was published Sep 20, 2024

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although...
Critical, Unreviewed: CVE-2024-46640 was published Sep 20, 2024

joblib vulnerable to arbitrary code execution
Critical: CVE-2022-21797 was published for joblib (pip) Sep 27, 2022

SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
Critical, Unreviewed: CVE-2023-43222 was published Sep 27, 2023

DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at...
Critical, Unreviewed: CVE-2023-43234 was published Sep 27, 2023

SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an...
Critical, Unreviewed: CVE-2024-22127 was published Mar 12, 2024

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and...
Critical, Unreviewed: CVE-2024-6386 was published Aug 21, 2024

LangChain vulnerable to arbitrary code execution
Critical: CVE-2023-38860 was published for langchain (pip) Aug 15, 2023

langchain Code Injection vulnerability
Critical: CVE-2023-36095 was published for langchain (pip) Aug 5, 2023

LangChain vulnerable to arbitrary code execution
Critical: CVE-2023-38896 was published for langchain (pip) Aug 15, 2023

langchain vulnerable to arbitrary code execution
Critical: CVE-2023-36281 was published for langchain (pip) Aug 22, 2023

Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library
Critical: CVE-2023-39631 was published for langchain (pip) Sep 1, 2023

LangChain vulnerable to code injection
Critical: CVE-2023-29374 was published for langchain (pip) Apr 5, 2023

Eval injection in Supybot/Limnoria
Critical: CVE-2019-19010 was published for limnoria (pip) Nov 20, 2019

llama-index vulnerable to arbitrary code execution
Critical: CVE-2023-39662 was published for llama-index (pip) Aug 15, 2023

Installer RCE on settings file write in MyBB before 1.8.22.
Critical, Unreviewed: CVE-2020-22612 was published Sep 1, 2023

ProTip! Advisories are also available from the GraphQL API