Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,297 advisories

Loading
When handling keypress events, an attacker may have been able to trick a user into bypassing the ... High Unreviewed
CVE-2024-11697 was published Nov 26, 2024
Bagisto v1.5.1 is vulnerable to Server-Side Template Injection (SSTI). High Unreviewed
CVE-2023-33570 was published Jun 28, 2023
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed
CVE-2024-11699 was published Nov 26, 2024
Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite... High Unreviewed
CVE-2023-33466 was published Jun 29, 2023
A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of... High Unreviewed
CVE-2024-53554 was published Nov 26, 2024
IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject... High Unreviewed
CVE-2024-52899 was published Nov 26, 2024
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in... High Unreviewed
CVE-2024-6507 was published Jul 4, 2024
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form... High Unreviewed
CVE-2024-11034 was published Nov 23, 2024
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3... High Unreviewed
CVE-2021-38117 was published Nov 22, 2024
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed
CVE-2024-10382 was published Nov 20, 2024
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-10899 was published Nov 20, 2024
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a... High Unreviewed
CVE-2024-50804 was published Nov 18, 2024
An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup... High Unreviewed
CVE-2024-52945 was published Nov 18, 2024
The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7... High Unreviewed
CVE-2024-11038 was published Nov 19, 2024
The The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-11036 was published Nov 19, 2024
Log injection in uvicorn High
CVE-2020-7694 was published for uvicorn (pip) Jul 29, 2020
tdunlap607
TDQM Arbitrary Code Execution High
CVE-2016-10075 was published for tqdm (pip) May 14, 2022
Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine High
CVE-2024-45053 was published for ethyca-fides (pip) Sep 4, 2024
grmpyninja andres-torres-marroquin
adamsachs daveqnet
GitHub Actions Script Injection in `ultralytics/actions` High
GHSA-7x29-qqmq-v6qc was published for ultralytics/actions (GitHub Actions) Aug 14, 2024
AdnaneKhan
XWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploader High
CVE-2024-37900 was published for org.xwiki.platform:xwiki-platform-web-war (Maven) Jul 31, 2024
RoboGR00t
The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed
CVE-2024-9839 was published Nov 16, 2024
Remote Code Execution on click of <a> Link in markdown preview High
CVE-2024-49362 was published for joplin (npm) Nov 14, 2024
jackfromeast
HEVC Video Extensions Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21917 was published Jan 12, 2022
Microsoft Word Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21842 was published Jan 12, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21837 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database