GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
472 advisories
Filter by severity
The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for...
Critical
Unreviewed
CVE-2024-46962
was published
Nov 11, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics...
Critical
Unreviewed
CVE-2024-10035
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2024-48359
was published
Oct 31, 2024
An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the PepeGxng...
Critical
Unreviewed
CVE-2024-51427
was published
Oct 30, 2024
An issue in Ethereum v.1.12.2 allows remote attacker to execute arbitrary code via the Owned...
Critical
Unreviewed
CVE-2024-51424
was published
Oct 30, 2024
A remote code execution (RCE) vulnerability in the component /PluXml/core/admin...
Critical
Unreviewed
CVE-2024-48138
was published
Oct 30, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Now...
Critical
Unreviewed
CVE-2024-8923
was published
Oct 29, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console...
Critical
Unreviewed
CVE-2024-50498
was published
Oct 28, 2024
MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI)...
Critical
Unreviewed
CVE-2024-37846
was published
Oct 25, 2024
SQL injection vulnerability in Hanzhou Haobo network management system 1.0 allows a remote...
Critical
Unreviewed
CVE-2024-48204
was published
Oct 25, 2024
File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker...
Critical
Unreviewed
CVE-2024-48581
was published
Oct 25, 2024
SQL Injection vulnerability in Best House rental management system project in php v.1.0 allows a...
Critical
Unreviewed
CVE-2024-48579
was published
Oct 25, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Critical
Unreviewed
CVE-2024-35314
was published
Oct 21, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35285
was published
Oct 21, 2024
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability.
Critical
Unreviewed
CVE-2023-26785
was published
Oct 18, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code...
Critical
Unreviewed
CVE-2024-49254
was published
Oct 16, 2024
A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link...
Critical
Unreviewed
CVE-2024-48168
was published
Oct 14, 2024
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary...
Critical
Unreviewed
CVE-2024-45873
was published
Oct 8, 2024
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code ...
Critical
Unreviewed
CVE-2024-45874
was published
Oct 8, 2024
RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code...
Critical
Unreviewed
CVE-2024-46076
was published
Oct 7, 2024
FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials.
Critical
Unreviewed
CVE-2024-45186
was published
Oct 2, 2024
A condition exists in FlashArray Purity whereby an user with array admin role can execute...
Critical
Unreviewed
CVE-2024-0004
was published
Sep 23, 2024
SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
Critical
Unreviewed
CVE-2024-46103
was published
Sep 20, 2024
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although...
Critical
Unreviewed
CVE-2024-46640
was published
Sep 20, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww...
Critical
Unreviewed
CVE-2024-7104
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API