Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,336 advisories

Loading
Windows Search Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21292 was published Jan 14, 2025
Microsoft Power Automate Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21187 was published Jan 14, 2025
The administrator is able to configure an insecure captive portal script High Unreviewed
CVE-2024-9132 was published Jan 11, 2025
The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator... High Unreviewed
CVE-2024-12471 was published Jan 7, 2025
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-50715 was published Dec 27, 2024
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via... High Unreviewed
CVE-2024-54907 was published Dec 26, 2024
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-11977 was published Dec 21, 2024
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID) High
CVE-2024-56334 was published for systeminformation (npm) Dec 20, 2024
xAiluros
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed
CVE-2024-12729 was published Dec 19, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system... High Unreviewed
CVE-2024-9154 was published Dec 19, 2024
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution High
CVE-2024-56327 was published for pyrage (pip) Dec 19, 2024
gaby woodruffw
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed
CVE-2024-11740 was published Dec 19, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
UniSharp Laravel Filemanager Code Injection vulnerability High
CVE-2024-21546 was published for unisharp/laravel-filemanager (Composer) Dec 18, 2024
An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows... High Unreviewed
CVE-2024-56072 was published Dec 15, 2024
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
angelej
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10910 was published Dec 12, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed
CVE-2024-54529 was published Dec 12, 2024
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for... High Unreviewed
CVE-2024-10959 was published Dec 10, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
Due to missing input validation during one step of the firmware update process, the product is... High Unreviewed
CVE-2024-10771 was published Dec 6, 2024
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent.... High Unreviewed
CVE-2024-21571 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2... High Unreviewed
CVE-2024-37862 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30963 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database