GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,933 advisories
Filter by severity
The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0...
High
Unreviewed
CVE-2024-46960
was published
Nov 8, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Critical
Unreviewed
CVE-2024-35314
was published
Oct 21, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics...
Critical
Unreviewed
CVE-2024-10035
was published
Nov 4, 2024
Vintage,
member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay...
Moderate
Unreviewed
CVE-2023-5800
was published
Feb 5, 2024
Brandon
Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi
did not have a...
Moderate
Unreviewed
CVE-2023-5677
was published
Feb 5, 2024
Moodle Remote Code Execution vulnerability
High
CVE-2024-43425
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
Langflow vulnerable to remote code execution
Moderate
CVE-2024-48061
was published
for
langflow
(pip)
Nov 5, 2024
A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14,...
High
Unreviewed
CVE-2023-42833
was published
Jan 11, 2024
Using a markup injection an attacker could have stolen nonce values. This could have been used to...
Moderate
Unreviewed
CVE-2024-2610
was published
Mar 19, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate
Unreviewed
CVE-2024-3786
was published
Apr 15, 2024
A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password...
High
Unreviewed
CVE-2024-51329
was published
Nov 4, 2024
Script injection vulnerability in the email module.Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2023-52381
was published
Feb 18, 2024
Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti...
Moderate
Unreviewed
CVE-2022-42045
was published
Jul 13, 2023
Cross-site Scripting in Moodle Chat
Moderate
CVE-2024-28593
was published
for
moodle/moodle
(Composer)
Mar 22, 2024
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2024-10263
was published
Nov 5, 2024
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE)...
High
Unreviewed
CVE-2024-37845
was published
Oct 25, 2024
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9324
was published
Sep 29, 2024
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2024-48359
was published
Oct 31, 2024
PaddlePaddle vulnerable to Code Injection
Critical
CVE-2022-46742
was published
for
paddlepaddle
(pip)
Dec 7, 2022
lilconfig Code Injection vulnerability
High
CVE-2024-21537
was published
for
lilconfig
(npm)
Oct 31, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the Owned...
Critical
Unreviewed
CVE-2024-51424
was published
Oct 30, 2024
The eladmin v2.7 and before contains a remote code execution (RCE) vulnerability that can control...
High
Unreviewed
CVE-2024-51243
was published
Oct 30, 2024
The com.videodownload.browser.videodownloader (aka AppTool-Browser-Video All Video Downloader)...
High
Unreviewed
CVE-2024-42041
was published
Oct 30, 2024
ProTip!
Advisories are also available from the
GraphQL API