GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
24,036 advisories
Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp...
Critical, Unreviewed. CVE-2024-54295 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in www.vbsso.com vBSSO...
Critical, Unreviewed. CVE-2024-54297 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool...
Critical, Unreviewed. CVE-2024-54296 was published Dec 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2024-54234 was published Dec 13, 2024

Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege...
Critical, Unreviewed. CVE-2024-54239 was published Dec 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2024-54261 was published Dec 13, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export...
Critical, Unreviewed. CVE-2024-54262 was published Dec 13, 2024

Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object...
Critical, Unreviewed. CVE-2024-54273 was published Dec 13, 2024

Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support...
Critical, Unreviewed. CVE-2022-46838 was published Dec 13, 2024

Improper input handling in the 'Host Header' allows an unauthenticated attacker to store a...
Critical, Unreviewed. CVE-2024-11986 was published Dec 13, 2024

ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in...
Critical, Unreviewed. CVE-2024-21576 was published Dec 13, 2024

ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()...
Critical, Unreviewed. CVE-2024-21577 was published Dec 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2024-52057 was published Dec 13, 2024

The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary...
Critical, Unreviewed. CVE-2024-9290 was published Dec 13, 2024

A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0...
Critical, Unreviewed. CVE-2024-54811 was published Dec 12, 2024

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to...
Critical, Unreviewed. CVE-2024-49147 was published Dec 12, 2024

XWiki allows remote code execution through the extension sheet
Critical. CVE-2024-55662 was published for org.xwiki.platform:xwiki-platform-repository-server-ui (Maven) Dec 12, 2024

http4k has a potential XXE (XML External Entity Injection) vulnerability
Critical. CVE-2024-55875 was published for org.http4k:http4k-format-xml (Maven) Dec 12, 2024

XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
Critical. CVE-2024-55877 was published for org.xwiki.platform:xwiki-platform-help-ui (Maven) Dec 12, 2024

XWiki allows RCE from script right in configurable sections
Critical. CVE-2024-55879 was published for org.xwiki.platform:xwiki-platform-administration-ui (Maven) Dec 12, 2024

A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul...
Critical, Unreviewed. CVE-2024-54810 was published Dec 12, 2024

A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring...
Critical, Unreviewed. CVE-2024-55099 was published Dec 12, 2024

ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of...
Critical, Unreviewed. CVE-2024-21575 was published Dec 12, 2024

A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin...
Critical, Unreviewed. CVE-2024-54842 was published Dec 12, 2024

The issue stems from a missing validation of the pip field in a POST request sent to the ...
Critical, Unreviewed. CVE-2024-21574 was published Dec 12, 2024

ProTip! Advisories are also available from the GraphQL API.