Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

928 advisories

Loading
Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to... Moderate Unreviewed
CVE-2024-31648 was published Apr 15, 2024
An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway... Moderate Unreviewed
CVE-2024-37382 was published Aug 8, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table... Moderate Unreviewed
CVE-2024-43128 was published Aug 13, 2024
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue... Moderate Unreviewed
CVE-2024-7899 was published Aug 17, 2024
Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote... Moderate Unreviewed
CVE-2024-30845 was published Apr 12, 2024
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... Moderate Unreviewed
CVE-2024-42598 was published Aug 20, 2024
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3... Moderate Unreviewed
CVE-2024-41304 was published Jul 30, 2024
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability... Moderate Unreviewed
CVE-2023-50810 was published Aug 12, 2024
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... Moderate Unreviewed
CVE-2023-31296 was published Dec 29, 2023
An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43301 was published Dec 7, 2023
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc.... Moderate Unreviewed
CVE-2024-43922 was published Aug 29, 2024
Arbitrary Code Execution in blazar-dashboard Moderate
CVE-2020-26943 was published for blazar-dashboard (pip) Oct 27, 2020
A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue... Moderate Unreviewed
CVE-2024-8523 was published Sep 7, 2024
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code.... Moderate Unreviewed
CVE-2023-39333 was published Sep 7, 2024
Remote Code Execution in create_conda_env function in lollms Moderate
CVE-2024-3121 was published for lollms (pip) Jun 24, 2024
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7.... Moderate Unreviewed
CVE-2024-8880 was published Sep 16, 2024
Composio Code Injection Vulnerability Moderate
CVE-2024-8864 was published for composio-core (pip) Sep 16, 2024
A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected... Moderate Unreviewed
CVE-2024-9006 was published Sep 20, 2024
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ... Moderate Unreviewed
CVE-2024-37779 was published Sep 23, 2024
In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows... Moderate Unreviewed
CVE-2024-45200 was published Sep 30, 2024
An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code... Moderate Unreviewed
CVE-2024-44744 was published Oct 1, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Moderate Unreviewed
CVE-2024-8254 was published Oct 2, 2024
OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute... Moderate Unreviewed
CVE-2024-45933 was published Oct 7, 2024
Plone Sandbox Bypass Moderate
CVE-2012-5493 was published for Plone (pip) May 17, 2022
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection... Moderate Unreviewed
CVE-2024-8760 was published Oct 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database