GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,297 advisories
Filter by severity
The Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through...
High
Unreviewed
CVE-2024-46961
was published
Nov 8, 2024
The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0...
High
Unreviewed
CVE-2024-46960
was published
Nov 8, 2024
Moodle Remote Code Execution vulnerability
High
CVE-2024-43425
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2024-10263
was published
Nov 5, 2024
A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password...
High
Unreviewed
CVE-2024-51329
was published
Nov 4, 2024
lilconfig Code Injection vulnerability
High
CVE-2024-21537
was published
for
lilconfig
(npm)
Oct 31, 2024
The eladmin v2.7 and before contains a remote code execution (RCE) vulnerability that can control...
High
Unreviewed
CVE-2024-51243
was published
Oct 30, 2024
The com.videodownload.browser.videodownloader (aka AppTool-Browser-Video All Video Downloader)...
High
Unreviewed
CVE-2024-42041
was published
Oct 30, 2024
The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-9846
was published
Oct 30, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson...
High
Unreviewed
CVE-2024-50492
was published
Oct 28, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress...
High
Unreviewed
CVE-2024-50450
was published
Oct 28, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code...
High
Unreviewed
CVE-2024-9162
was published
Oct 28, 2024
The The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9772
was published
Oct 26, 2024
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE)...
High
Unreviewed
CVE-2024-37845
was published
Oct 25, 2024
Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to...
High
Unreviewed
CVE-2024-48700
was published
Oct 25, 2024
An issue in Total.js CMS v.1.0 allows a remote attacker to execute arbitrary code via the func.js...
High
Unreviewed
CVE-2024-48655
was published
Oct 25, 2024
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is...
High
Unreviewed
CVE-2024-47158
was published
Oct 25, 2024
Remote code execution in php-heic-to-jpg
High
CVE-2024-48514
was published
for
maestroerror/php-heic-to-jpg
(Composer)
Oct 24, 2024
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
High
CVE-2024-47879
was published
for
org.openrefine:main
(Maven)
Oct 24, 2024
OS Command Injection in Snyk gradle plugin
High
CVE-2024-48964
was published
for
snyk-gradle-plugin
(npm)
Oct 23, 2024
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and...
High
Unreviewed
CVE-2024-41714
was published
Oct 21, 2024
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High
Unreviewed
CVE-2024-9593
was published
Oct 18, 2024
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High
Unreviewed
CVE-2024-45766
was published
Oct 17, 2024
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High
Unreviewed
CVE-2024-9061
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API