GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,572
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 234,068

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

816 advisories

Filter by severity

Sort by

Least recently updated

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session... Moderate Unreviewed

CVE-2024-8069 was published Nov 12, 2024

The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6... Moderate Unreviewed

CVE-2024-46965 was published Nov 11, 2024

A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the... Moderate Unreviewed

CVE-2024-10505 was published Oct 30, 2024

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-48236 was published Oct 26, 2024

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of... Moderate Unreviewed

CVE-2024-48235 was published Oct 26, 2024

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and... Moderate Unreviewed

CVE-2024-20485 was published Oct 23, 2024

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business... Moderate Unreviewed

CVE-2024-35315 was published Oct 21, 2024

A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow... Moderate Unreviewed

CVE-2024-41712 was published Oct 21, 2024

An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-27766 was published Oct 18, 2024

Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated... Moderate Unreviewed

CVE-2023-39593 was published Oct 18, 2024

A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in... Moderate Unreviewed

CVE-2024-48744 was published Oct 16, 2024

An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A... Moderate Unreviewed

CVE-2024-41997 was published Oct 14, 2024

The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection... Moderate Unreviewed

CVE-2024-8760 was published Oct 12, 2024

OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute... Moderate Unreviewed

CVE-2024-45933 was published Oct 7, 2024

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed

CVE-2024-8254 was published Oct 2, 2024

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code... Moderate Unreviewed

CVE-2024-44744 was published Oct 1, 2024

In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows... Moderate Unreviewed

CVE-2024-45200 was published Sep 30, 2024

A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical.... Moderate Unreviewed

CVE-2024-9324 was published Sep 29, 2024

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ... Moderate Unreviewed

CVE-2024-37779 was published Sep 23, 2024

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected... Moderate Unreviewed

CVE-2024-9006 was published Sep 20, 2024

A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7.... Moderate Unreviewed

CVE-2024-8880 was published Sep 16, 2024

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code.... Moderate Unreviewed

CVE-2023-39333 was published Sep 7, 2024

A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue... Moderate Unreviewed

CVE-2024-8523 was published Sep 7, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc.... Moderate Unreviewed

CVE-2024-43922 was published Aug 29, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... Moderate Unreviewed

CVE-2024-42598 was published Aug 20, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

816 advisories