Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,363 advisories

Loading
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-11977 was published Dec 21, 2024
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID) High
CVE-2024-56334 was published for systeminformation (npm) Dec 20, 2024
xAiluros
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed
CVE-2024-12729 was published Dec 19, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system... High Unreviewed
CVE-2024-9154 was published Dec 19, 2024
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution High
CVE-2024-56327 was published for pyrage (pip) Dec 19, 2024
gaby woodruffw
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed
CVE-2024-11740 was published Dec 19, 2024
Duplicate Advisory: openCart Server-Side Template Injection (SSTI) vulnerability High
GHSA-j2v2-3784-vr44 was published for opencart/opencart (Composer) Dec 18, 2024 withdrawn
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
UniSharp Laravel Filemanager Code Injection vulnerability High
CVE-2024-21546 was published for unisharp/laravel-filemanager (Composer) Dec 18, 2024
An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows... High Unreviewed
CVE-2024-56072 was published Dec 15, 2024
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
angelej
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10910 was published Dec 12, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed
CVE-2024-54529 was published Dec 12, 2024
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for... High Unreviewed
CVE-2024-10959 was published Dec 10, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
Due to missing input validation during one step of the firmware update process, the product is... High Unreviewed
CVE-2024-10771 was published Dec 6, 2024
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent.... High Unreviewed
CVE-2024-21571 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2... High Unreviewed
CVE-2024-37862 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30963 was published Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30964 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&&... High Unreviewed
CVE-2024-37860 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30962 was published Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30961 was published Dec 6, 2024
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via... High Unreviewed
CVE-2024-10952 was published Dec 4, 2024
An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of... High Unreviewed
CVE-2024-53564 was published Dec 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database