GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,983 advisories
Filter by severity
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
High
CVE-2024-55661
was published
for
laravel/pulse
(Composer)
Dec 13, 2024
The go command may generate unexpected code at build time when using cgo. This may result in...
Critical
Unreviewed
CVE-2023-29402
was published
Jun 8, 2023
ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in...
Critical
Unreviewed
CVE-2024-21576
was published
Dec 13, 2024
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()...
Critical
Unreviewed
CVE-2024-21577
was published
Dec 13, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary...
Moderate
Unreviewed
CVE-2024-11012
was published
Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-12420
was published
Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-12421
was published
Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution...
Moderate
Unreviewed
CVE-2024-12417
was published
Dec 13, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,...
High
Unreviewed
CVE-2024-54529
was published
Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized...
Critical
Unreviewed
CVE-2024-42448
was published
Dec 12, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions...
Moderate
Unreviewed
CVE-2024-12333
was published
Dec 12, 2024
The issue stems from a missing validation of the pip field in a POST request sent to the ...
Critical
Unreviewed
CVE-2024-21574
was published
Dec 12, 2024
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary...
High
Unreviewed
CVE-2024-10910
was published
Dec 12, 2024
An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-48453
was published
Dec 4, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30961
was published
Dec 6, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue...
Moderate
Unreviewed
CVE-2024-12350
was published
Dec 9, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php...
Critical
Unreviewed
CVE-2022-38946
was published
Dec 9, 2024
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able...
Critical
Unreviewed
CVE-2023-35853
was published
Jun 19, 2023
Angular Expressions - Remote Code Execution when using locals
Critical
CVE-2024-54152
was published
for
angular-expressions
(npm)
Dec 10, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR....
High
Unreviewed
CVE-2024-55580
was published
Dec 9, 2024
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for...
High
Unreviewed
CVE-2024-10959
was published
Dec 10, 2024
Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,...
Moderate
Unreviewed
CVE-2024-28005
was published
Mar 28, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-...
High
Unreviewed
CVE-2024-30963
was published
Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30964
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&&...
High
Unreviewed
CVE-2024-37860
was published
Dec 6, 2024
ProTip!
Advisories are also available from the
GraphQL API