Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,425
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,330 advisories

Loading
The Post Saint: ChatGPT, GPT4, DALL-E, Stable Diffusion, Pexels, Dezgo AI Text & Image Generator... High Unreviewed
CVE-2024-12471 was published Jan 7, 2025
A potential security vulnerability has been identified with a version of the HP Softpaq installer... High Unreviewed
CVE-2019-16283 was published Jun 9, 2023
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
Server Side Template Injection (SSTI) via Twig escape handler High
CVE-2024-28119 was published for getgrav/grav (Composer) Mar 22, 2024
as3617 juckchang
Server Side Template Injection (SSTI) High
CVE-2024-28118 was published for getgrav/grav (Composer) Mar 22, 2024
as3617 juckchang
Server Side Template Injection (SSTI) High
CVE-2024-28117 was published for getgrav/grav (Composer) Mar 22, 2024
as3617 juckchang
.NET Remote Code Execution Vulnerability High
CVE-2022-41089 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Dec 14, 2022
tdunlap607
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-37982 was published Oct 12, 2022
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2022-30141 was published Jun 16, 2022
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-30145 was published Jun 16, 2022
Windows Fax Service Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-29115 was published May 11, 2022
An issue in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-50715 was published Dec 27, 2024
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via... High Unreviewed
CVE-2024-54907 was published Dec 26, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system... High Unreviewed
CVE-2024-9154 was published Dec 19, 2024
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-11977 was published Dec 21, 2024
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID) High
CVE-2024-56334 was published for systeminformation (npm) Dec 20, 2024
xAiluros
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution High
CVE-2024-56327 was published for pyrage (pip) Dec 19, 2024
gaby woodruffw
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or... High Unreviewed
CVE-2013-3163 was published May 14, 2022
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed
CVE-2024-12729 was published Dec 19, 2024
Remote code execution in php-heic-to-jpg High
CVE-2024-48514 was published for maestroerror/php-heic-to-jpg (Composer) Oct 24, 2024
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9... High Unreviewed
CVE-2009-1862 was published May 2, 2022
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for... High Unreviewed
CVE-2009-0557 was published May 2, 2022
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in... High Unreviewed
CVE-2024-11740 was published Dec 19, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS... High Unreviewed
CVE-2024-56051 was published Dec 18, 2024
UniSharp Laravel Filemanager Code Injection vulnerability High
CVE-2024-21546 was published for unisharp/laravel-filemanager (Composer) Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database