GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,930

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,355 advisories

Filter by severity

Sort by

Least recently updated

In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows... Moderate Unreviewed

CVE-2024-45200 was published Sep 30, 2024

A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical.... Moderate Unreviewed

CVE-2024-9324 was published Sep 29, 2024

mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises... High Unreviewed

CVE-2024-6983 was published Sep 27, 2024

The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2024-8481 was published Sep 25, 2024

The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2024-8623 was published Sep 24, 2024

A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute... High Unreviewed

CVE-2024-46639 was published Sep 23, 2024

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ... Moderate Unreviewed

CVE-2024-37779 was published Sep 23, 2024

A condition exists in FlashArray Purity whereby an user with array admin role can execute... Critical Unreviewed

CVE-2024-0004 was published Sep 23, 2024

An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and... High Unreviewed

CVE-2024-40442 was published Sep 23, 2024

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection. Unknown Unreviewed

CVE-2024-47219 was published Sep 22, 2024

SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php. Critical Unreviewed

CVE-2024-46103 was published Sep 20, 2024

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although... Critical Unreviewed

CVE-2024-46640 was published Sep 20, 2024

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected... Moderate Unreviewed

CVE-2024-9006 was published Sep 20, 2024

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed

CVE-2024-40125 was published Sep 19, 2024

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code... High Unreviewed

CVE-2024-44623 was published Sep 16, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww... Critical Unreviewed

CVE-2024-7104 was published Sep 16, 2024

A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7.... Moderate Unreviewed

CVE-2024-8880 was published Sep 16, 2024

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-8271 was published Sep 16, 2024

The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed

CVE-2024-8479 was published Sep 16, 2024

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker... Critical Unreviewed

CVE-2024-44430 was published Sep 13, 2024

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed

CVE-2024-44466 was published Sep 11, 2024

Azure CycleCloud Remote Code Execution Vulnerability High Unreviewed

CVE-2024-43469 was published Sep 10, 2024

Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options... Low Unreviewed

CVE-2024-8258 was published Sep 10, 2024

An unauthenticated remote attacker can run malicious c# code included in curve files and execute... Critical Unreviewed

CVE-2024-6596 was published Sep 10, 2024

The The Affiliate Super Assistent plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed

CVE-2024-8478 was published Sep 10, 2024

Previous 1 2 3 4 5 6 7 … 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,355 advisories