GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,001 advisories
Filter by severity
The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High
Unreviewed
CVE-2024-9839
was published
Nov 16, 2024
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate
Unreviewed
CVE-2024-10262
was published
Nov 16, 2024
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute...
Moderate
Unreviewed
CVE-2024-51330
was published
Nov 15, 2024
An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP...
Critical
Unreviewed
CVE-2024-44758
was published
Nov 15, 2024
Remote Code Execution on click of <a> Link in markdown preview
High
CVE-2024-49362
was published
for
joplin
(npm)
Nov 14, 2024
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2.
This...
High
Unreviewed
CVE-2024-5082
was published
Nov 14, 2024
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary...
High
Unreviewed
CVE-2024-40671
was published
Nov 13, 2024
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI
High
CVE-2024-52293
was published
for
craftcms/cms
(Composer)
Nov 13, 2024
dom-iterator code execution vulnerability
Moderate
CVE-2024-21541
was published
for
dom-iterator
(npm)
Nov 13, 2024
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session...
Moderate
Unreviewed
CVE-2024-8069
was published
Nov 12, 2024
TorchGeo Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-49048
was published
Nov 12, 2024
Improper input validation in the NPU driver could allow an attacker to supply a specially crafted...
High
Unreviewed
CVE-2024-21976
was published
Nov 12, 2024
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of...
Critical
Unreviewed
CVE-2024-50636
was published
Nov 12, 2024
The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for...
Critical
Unreviewed
CVE-2024-46962
was published
Nov 11, 2024
The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for...
High
Unreviewed
CVE-2024-46966
was published
Nov 11, 2024
The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android...
High
Unreviewed
CVE-2024-46964
was published
Nov 11, 2024
The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One)...
High
Unreviewed
CVE-2024-46963
was published
Nov 11, 2024
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6...
Moderate
Unreviewed
CVE-2024-46965
was published
Nov 11, 2024
The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution...
High
Unreviewed
CVE-2024-10958
was published
Nov 10, 2024
The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content...
High
Unreviewed
CVE-2024-10261
was published
Nov 9, 2024
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-10640
was published
Nov 9, 2024
The Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through...
High
Unreviewed
CVE-2024-46961
was published
Nov 8, 2024
The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0...
High
Unreviewed
CVE-2024-46960
was published
Nov 8, 2024
Moodle Remote Code Execution vulnerability
High
CVE-2024-43425
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2024-10263
was published
Nov 5, 2024
ProTip!
Advisories are also available from the
GraphQL API