Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,304 advisories

Loading
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2024-53688 was published Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and... High Unreviewed
CVE-2024-56174 was published Dec 18, 2024
The CRM WordPress Plugin – RepairBuddy plugin for WordPress is vulnerable to privilege escalation... High Unreviewed
CVE-2024-12259 was published Dec 18, 2024
The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover... High Unreviewed
CVE-2024-12432 was published Dec 18, 2024
Spatie Browsershot Directory Traversal vulnerability High
CVE-2024-21547 was published for spatie/browsershot (Composer) Dec 18, 2024
UniSharp Laravel Filemanager Code Injection vulnerability High
CVE-2024-21546 was published for unisharp/laravel-filemanager (Composer) Dec 18, 2024
Authorization bypass through user-controlled key vulnerability in streaming service in Synology... High Unreviewed
CVE-2024-4464 was published Dec 18, 2024
The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy'... High Unreviewed
CVE-2024-12025 was published Dec 18, 2024
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution... High Unreviewed
CVE-2024-47480 was published Dec 18, 2024
An issue in H3C switch h3c-S1526 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2024-51175 was published Dec 18, 2024
Open Cluster Management vulnerable to Trust Boundary Violation High
CVE-2024-9779 was published for open-cluster-management.io/ocm (Go) Dec 18, 2024
Databricks JDBC Driver Command Injection vulnerability High
CVE-2024-49194 was published for com.databricks:databricks-jdbc (Maven) Dec 17, 2024
Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited,... High Unreviewed
CVE-2024-10476 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-11422 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12198 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a... High Unreviewed
CVE-2024-12179 was published Dec 17, 2024
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12192 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12199 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12191 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory... High Unreviewed
CVE-2024-12194 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory... High Unreviewed
CVE-2024-12178 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12197 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12193 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of... High Unreviewed
CVE-2024-12200 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a... High Unreviewed
CVE-2024-12669 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database