GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

472 advisories

Filter by severity

Sort by

Least recently updated

Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE... Critical Unreviewed

CVE-2022-21846 was published Jan 12, 2022

The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for... Critical Unreviewed

CVE-2024-46962 was published Nov 11, 2024

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business... Critical Unreviewed

CVE-2024-35314 was published Oct 21, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics... Critical Unreviewed

CVE-2024-10035 was published Nov 4, 2024

Script injection vulnerability in the email module.Successful exploitation of this vulnerability... Critical Unreviewed

CVE-2023-52381 was published Feb 18, 2024

Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2024-48359 was published Oct 31, 2024

An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the Owned... Critical Unreviewed

CVE-2024-51424 was published Oct 30, 2024

An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the PepeGxng... Critical Unreviewed

CVE-2024-51427 was published Oct 30, 2024

acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the... Critical Unreviewed

CVE-2023-38198 was published Jul 13, 2023

A remote code execution (RCE) vulnerability in the component /PluXml/core/admin... Critical Unreviewed

CVE-2024-48138 was published Oct 30, 2024

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI)... Critical Unreviewed

CVE-2024-37846 was published Oct 25, 2024

ServiceNow has addressed an input validation vulnerability that was identified in the Now... Critical Unreviewed

CVE-2024-8923 was published Oct 29, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console... Critical Unreviewed

CVE-2024-50498 was published Oct 28, 2024

SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a... Critical Unreviewed

CVE-2024-48579 was published Oct 25, 2024

File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker... Critical Unreviewed

CVE-2024-48581 was published Oct 25, 2024

SQL injection vulnerability in Hanzhou Haobo network management system 1.0 allows a remote... Critical Unreviewed

CVE-2024-48204 was published Oct 25, 2024

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an... Critical Unreviewed

CVE-2024-35285 was published Oct 21, 2024

The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to,... Critical Unreviewed

CVE-2021-4434 was published Jan 17, 2024

MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability. Critical Unreviewed

CVE-2023-26785 was published Oct 18, 2024

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute... Critical Unreviewed

CVE-2024-23742 was published Jan 28, 2024

Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the... Critical Unreviewed

CVE-2023-50808 was published Feb 13, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code... Critical Unreviewed

CVE-2024-49254 was published Oct 16, 2024

A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link... Critical Unreviewed

CVE-2024-48168 was published Oct 14, 2024

Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions... Critical Unreviewed

CVE-2023-32626 was published Aug 18, 2023

A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary... Critical Unreviewed

CVE-2024-45873 was published Oct 8, 2024

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

472 advisories