Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

923 advisories

Loading
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6... Moderate Unreviewed
CVE-2024-46965 was published Nov 11, 2024
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an... Moderate Unreviewed
CVE-2024-3044 was published May 14, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed
CVE-2024-8069 was published Nov 12, 2024
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique... Moderate Unreviewed
CVE-2022-21928 was published Jan 12, 2022
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed
CVE-2024-10262 was published Nov 16, 2024
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible Moderate
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
req may send an unintended request when a malformed URL is provided Moderate
CVE-2024-45258 was published for github.com/imroc/req (Go) Aug 26, 2024
@blakeembrey/template vulnerable to code injection when attacker controls template input Moderate
CVE-2024-45390 was published for @blakeembrey/template (npm) Sep 3, 2024
mcoimbra filipeom
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
ewjoachim
The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-11002 was published Nov 26, 2024
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute... Moderate Unreviewed
CVE-2024-51330 was published Nov 15, 2024
QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers... Moderate Unreviewed
CVE-2024-39165 was published Jul 4, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed
CVE-2024-10681 was published Dec 6, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-10909 was published Dec 6, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed
CVE-2024-12333 was published Dec 12, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12417 was published Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12420 was published Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12421 was published Dec 13, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2024-11012 was published Dec 13, 2024
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed
CVE-2024-37773 was published Dec 17, 2024
An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an... Moderate Unreviewed
CVE-2024-55918 was published Dec 13, 2024
openCart Server-Side Template Injection (SSTI) vulnerability Moderate
CVE-2024-36694 was published for opencart/opencart (Composer) Jul 17, 2024
Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26)... Moderate Unreviewed
CVE-2024-12908 was published Dec 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database