Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,777
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,091 advisories

Loading
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... Critical Unreviewed
CVE-2023-34990 was published Dec 18, 2024
UniSharp Laravel Filemanager Code Injection vulnerability High
CVE-2024-21546 was published for unisharp/laravel-filemanager (Composer) Dec 18, 2024
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed
CVE-2024-55085 was published Dec 17, 2024
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as... Moderate Unreviewed
CVE-2024-37773 was published Dec 17, 2024
An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows... High Unreviewed
CVE-2024-56072 was published Dec 15, 2024
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
angelej
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed
CVE-2024-21577 was published Dec 13, 2024
ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed
CVE-2024-21576 was published Dec 13, 2024
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary... Moderate Unreviewed
CVE-2024-11012 was published Dec 13, 2024
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution... Moderate Unreviewed
CVE-2024-12417 was published Dec 13, 2024
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12420 was published Dec 13, 2024
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-12421 was published Dec 13, 2024
An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an... Moderate Unreviewed
CVE-2024-55918 was published Dec 13, 2024
The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed
CVE-2024-21574 was published Dec 12, 2024
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions... Moderate Unreviewed
CVE-2024-12333 was published Dec 12, 2024
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2024-10910 was published Dec 12, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,... High Unreviewed
CVE-2024-54529 was published Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed
CVE-2024-42448 was published Dec 12, 2024
Angular Expressions - Remote Code Execution when using locals Critical
CVE-2024-54152 was published for angular-expressions (npm) Dec 10, 2024
JorianWoltjer
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for... High Unreviewed
CVE-2024-10959 was published Dec 10, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php... Critical Unreviewed
CVE-2022-38946 was published Dec 9, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR.... High Unreviewed
CVE-2024-55580 was published Dec 9, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-12350 was published Dec 9, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro... Critical Unreviewed
CVE-2024-51815 was published Dec 6, 2024
Due to missing input validation during one step of the firmware update process, the product is... High Unreviewed
CVE-2024-10771 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database