GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,001 advisories
Filter by severity
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary...
High
Unreviewed
CVE-2024-10910
was published
Dec 12, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2,...
High
Unreviewed
CVE-2024-54529
was published
Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized...
Critical
Unreviewed
CVE-2024-42448
was published
Dec 12, 2024
Angular Expressions - Remote Code Execution when using locals
Critical
CVE-2024-54152
was published
for
angular-expressions
(npm)
Dec 10, 2024
The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for...
High
Unreviewed
CVE-2024-10959
was published
Dec 10, 2024
Arbitrary File Upload vulnerability in Doctor-Appointment version 1.0 in /Frontend/signup_com.php...
Critical
Unreviewed
CVE-2022-38946
was published
Dec 9, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR....
High
Unreviewed
CVE-2024-55580
was published
Dec 9, 2024
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue...
Moderate
Unreviewed
CVE-2024-12350
was published
Dec 9, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro...
Critical
Unreviewed
CVE-2024-51815
was published
Dec 6, 2024
Due to missing input validation during one step of the firmware update process, the product
is...
High
Unreviewed
CVE-2024-10771
was published
Dec 6, 2024
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent....
High
Unreviewed
CVE-2024-21571
was published
Dec 6, 2024
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via...
Moderate
Unreviewed
CVE-2024-10909
was published
Dec 6, 2024
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User...
Moderate
Unreviewed
CVE-2024-10681
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2...
High
Unreviewed
CVE-2024-37862
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-...
High
Unreviewed
CVE-2024-30963
was published
Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30964
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&&...
High
Unreviewed
CVE-2024-37860
was published
Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30961
was published
Dec 6, 2024
Unauthorized Access vulnerabilities allow Remote Code Execution.
Affected products:
ABB ASPECT...
Critical
Unreviewed
CVE-2024-48840
was published
Dec 5, 2024
Improper Input Validation vulnerability allows Remote Code Execution.
Affected products:
ABB...
Critical
Unreviewed
CVE-2024-48839
was published
Dec 5, 2024
An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-48453
was published
Dec 4, 2024
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via...
High
Unreviewed
CVE-2024-10952
was published
Dec 4, 2024
hull.js Code Injection Vulnerability
Critical
GHSA-q849-wxrc-vqrp
was published
for
hull.js
(npm)
Dec 2, 2024
An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of...
High
Unreviewed
CVE-2024-53564
was published
Dec 2, 2024
Withdrawn Advisory: Symfony's VarDumper vulnerable to unsafe deserialization
High
CVE-2024-36610
was published
for
symfony/var-dumper
(Composer)
Nov 29, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API