GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,746

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,934 advisories

Filter by severity

Sort by

Least recently updated

Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed

CVE-2024-11699 was published Nov 26, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed

CVE-2024-52959 was published Nov 27, 2024

Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite... High Unreviewed

CVE-2023-33466 was published Jun 29, 2023

A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of... High Unreviewed

CVE-2024-53554 was published Nov 26, 2024

H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm... Critical Unreviewed

CVE-2024-52765 was published Nov 20, 2024

Plone Arbitrary Code Execution via Unsafe Handling of Pickles Critical

CVE-2007-5741 was published for plone (pip) May 1, 2022

The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed

CVE-2024-11002 was published Nov 26, 2024

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject... High Unreviewed

CVE-2024-52899 was published Nov 26, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed

CVE-2024-28811 was published Sep 30, 2024

Vanna prompt injection code execution Critical

CVE-2024-5565 was published for vanna (pip) May 31, 2024

Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in... High Unreviewed

CVE-2024-6507 was published Jul 4, 2024

The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form... High Unreviewed

CVE-2024-11034 was published Nov 23, 2024

langchain arbitrary code execution vulnerability Critical

CVE-2023-36258 was published for langchain (pip) Jul 3, 2023

Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3... High Unreviewed

CVE-2021-38117 was published Nov 22, 2024

There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed

CVE-2024-10382 was published Nov 20, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed

CVE-2024-52434 was published Nov 18, 2024

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed

CVE-2024-10094 was published Nov 20, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed

CVE-2024-52427 was published Nov 18, 2024

The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-10899 was published Nov 20, 2024

PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of... Critical Unreviewed

CVE-2024-50636 was published Nov 12, 2024

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary... Critical Unreviewed

CVE-2023-29382 was published Jul 6, 2023

xalpha vulnerable to Remote Code Execution Critical

CVE-2023-37659 was published for xalpha (pip) Jul 11, 2023

Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers Critical

CVE-2009-0668 was published for ZODB3 (pip) May 2, 2022

Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a... High Unreviewed

CVE-2024-50804 was published Nov 18, 2024

Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of... Critical Unreviewed

CVE-2024-50919 was published Nov 18, 2024

Previous 1 2 3 4 5 … 157 158 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,934 advisories