GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,001 advisories
Filter by severity
Langflow vulnerable to remote code execution
Moderate
CVE-2024-48061
was published
for
langflow
(pip)
Nov 5, 2024
A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password...
High
Unreviewed
CVE-2024-51329
was published
Nov 4, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics...
Critical
Unreviewed
CVE-2024-10035
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2024-48359
was published
Oct 31, 2024
lilconfig Code Injection vulnerability
High
CVE-2024-21537
was published
for
lilconfig
(npm)
Oct 31, 2024
An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the Owned...
Critical
Unreviewed
CVE-2024-51424
was published
Oct 30, 2024
An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the PepeGxng...
Critical
Unreviewed
CVE-2024-51427
was published
Oct 30, 2024
The eladmin v2.7 and before contains a remote code execution (RCE) vulnerability that can control...
High
Unreviewed
CVE-2024-51243
was published
Oct 30, 2024
The com.videodownload.browser.videodownloader (aka AppTool-Browser-Video All Video Downloader)...
High
Unreviewed
CVE-2024-42041
was published
Oct 30, 2024
The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-9846
was published
Oct 30, 2024
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the...
Moderate
Unreviewed
CVE-2024-10505
was published
Oct 30, 2024
A remote code execution (RCE) vulnerability in the component /PluXml/core/admin...
Critical
Unreviewed
CVE-2024-48138
was published
Oct 30, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Now...
Critical
Unreviewed
CVE-2024-8923
was published
Oct 29, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson...
High
Unreviewed
CVE-2024-50492
was published
Oct 28, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console...
Critical
Unreviewed
CVE-2024-50498
was published
Oct 28, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress...
High
Unreviewed
CVE-2024-50450
was published
Oct 28, 2024
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code...
High
Unreviewed
CVE-2024-9162
was published
Oct 28, 2024
CycloneDX cdxgen may execute code contained within build-related files
Moderate
CVE-2024-50611
was published
for
@cyclonedx/cdxgen
(npm)
Oct 28, 2024
The The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9772
was published
Oct 26, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of...
Moderate
Unreviewed
CVE-2024-48235
was published
Oct 26, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-48236
was published
Oct 26, 2024
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE)...
High
Unreviewed
CVE-2024-37845
was published
Oct 25, 2024
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI)...
Critical
Unreviewed
CVE-2024-37846
was published
Oct 25, 2024
File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker...
Critical
Unreviewed
CVE-2024-48581
was published
Oct 25, 2024
ProTip!
Advisories are also available from the
GraphQL API