GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
804 advisories
Filter by severity
An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-27766
was published
Oct 18, 2024
Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated...
Moderate
Unreviewed
CVE-2023-39593
was published
Oct 18, 2024
A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected...
Moderate
Unreviewed
CVE-2024-10073
was published
Oct 17, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate
Unreviewed
CVE-2024-48744
was published
Oct 16, 2024
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate
Unreviewed
CVE-2024-41997
was published
Oct 14, 2024
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection...
Moderate
Unreviewed
CVE-2024-8760
was published
Oct 12, 2024
OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute...
Moderate
Unreviewed
CVE-2024-45933
was published
Oct 7, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress...
Moderate
Unreviewed
CVE-2024-8254
was published
Oct 2, 2024
An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code...
Moderate
Unreviewed
CVE-2024-44744
was published
Oct 1, 2024
In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows...
Moderate
Unreviewed
CVE-2024-45200
was published
Sep 30, 2024
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9324
was published
Sep 29, 2024
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ...
Moderate
Unreviewed
CVE-2024-37779
was published
Sep 23, 2024
A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected...
Moderate
Unreviewed
CVE-2024-9006
was published
Sep 20, 2024
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7....
Moderate
Unreviewed
CVE-2024-8880
was published
Sep 16, 2024
Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code....
Moderate
Unreviewed
CVE-2023-39333
was published
Sep 7, 2024
A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue...
Moderate
Unreviewed
CVE-2024-8523
was published
Sep 7, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc....
Moderate
Unreviewed
CVE-2024-43922
was published
Aug 29, 2024
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
Moderate
Unreviewed
CVE-2024-42598
was published
Aug 20, 2024
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue...
Moderate
Unreviewed
CVE-2024-7899
was published
Aug 17, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table...
Moderate
Unreviewed
CVE-2024-43128
was published
Aug 13, 2024
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability...
Moderate
Unreviewed
CVE-2023-50810
was published
Aug 12, 2024
An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway...
Moderate
Unreviewed
CVE-2024-37382
was published
Aug 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to...
Moderate
Unreviewed
CVE-2024-3958
was published
Aug 8, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
email module didn’t properly...
Moderate
Unreviewed
CVE-2024-6923
was published
Aug 1, 2024
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3...
Moderate
Unreviewed
CVE-2024-41304
was published
Jul 30, 2024
ProTip!
Advisories are also available from the
GraphQL API