GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,893 advisories
Filter by severity
The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High
Unreviewed
CVE-2024-8481
was published
Sep 25, 2024
The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary...
High
Unreviewed
CVE-2024-8623
was published
Sep 24, 2024
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute...
High
Unreviewed
CVE-2024-46639
was published
Sep 23, 2024
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ...
Moderate
Unreviewed
CVE-2024-37779
was published
Sep 23, 2024
A condition exists in FlashArray Purity whereby an user with array admin role can execute...
Critical
Unreviewed
CVE-2024-0004
was published
Sep 23, 2024
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and...
High
Unreviewed
CVE-2024-40442
was published
Sep 23, 2024
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.
Unknown
Unreviewed
CVE-2024-47219
was published
Sep 22, 2024
SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
Critical
Unreviewed
CVE-2024-46103
was published
Sep 20, 2024
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although...
Critical
Unreviewed
CVE-2024-46640
was published
Sep 20, 2024
A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected...
Moderate
Unreviewed
CVE-2024-9006
was published
Sep 20, 2024
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology...
High
Unreviewed
CVE-2024-40125
was published
Sep 19, 2024
sqlitedict insecure deserialization vulnerability
High
CVE-2024-35515
was published
for
sqlitedict
(pip)
Sep 18, 2024
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code...
High
Unreviewed
CVE-2024-44623
was published
Sep 16, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww...
Critical
Unreviewed
CVE-2024-7104
was published
Sep 16, 2024
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7....
Moderate
Unreviewed
CVE-2024-8880
was published
Sep 16, 2024
Composio Code Injection Vulnerability
Moderate
CVE-2024-8864
was published
for
composio-core
(pip)
Sep 16, 2024
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-8271
was published
Sep 16, 2024
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High
Unreviewed
CVE-2024-8479
was published
Sep 16, 2024
SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker...
Critical
Unreviewed
CVE-2024-44430
was published
Sep 13, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45851
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45847
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45848
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45849
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45850
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45846
was published
for
mindsdb
(pip)
Sep 12, 2024
ProTip!
Advisories are also available from the
GraphQL API