Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,090 advisories

Loading
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent.... High Unreviewed
CVE-2024-21571 was published Dec 6, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User... Moderate Unreviewed
CVE-2024-10681 was published Dec 6, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-10909 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2... High Unreviewed
CVE-2024-37862 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&&... High Unreviewed
CVE-2024-37860 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30963 was published Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30964 was published Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30962 was published Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2... High Unreviewed
CVE-2024-30961 was published Dec 6, 2024
Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT... Critical Unreviewed
CVE-2024-48840 was published Dec 5, 2024
Improper Input Validation vulnerability allows Remote Code Execution.  Affected products: ABB... Critical Unreviewed
CVE-2024-48839 was published Dec 5, 2024
An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2024-48453 was published Dec 4, 2024
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via... High Unreviewed
CVE-2024-10952 was published Dec 4, 2024
hull.js Code Injection Vulnerability Critical
GHSA-q849-wxrc-vqrp was published for hull.js (npm) Dec 2, 2024
mcoimbra filipeom
An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of... High Unreviewed
CVE-2024-53564 was published Dec 2, 2024
Withdrawn Advisory: Symfony's VarDumper vulnerable to unsafe deserialization High
CVE-2024-36610 was published for symfony/var-dumper (Composer) Nov 29, 2024 withdrawn
jderusse
In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnerability exists in the... Critical Unreviewed
CVE-2024-36622 was published Nov 29, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows... High Unreviewed
CVE-2024-11620 was published Nov 28, 2024
The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is... Critical Unreviewed
CVE-2024-8672 was published Nov 28, 2024
In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at... Critical Unreviewed
CVE-2024-53920 was published Nov 27, 2024
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID... Critical Unreviewed
CVE-2024-53604 was published Nov 27, 2024
A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed
CVE-2024-52959 was published Nov 27, 2024
When handling keypress events, an attacker may have been able to trick a user into bypassing the ... High Unreviewed
CVE-2024-11697 was published Nov 26, 2024
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed
CVE-2024-11699 was published Nov 26, 2024
The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via... Moderate Unreviewed
CVE-2024-11002 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database