Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,926 advisories

Loading
The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form... High Unreviewed
CVE-2024-11034 was published Nov 23, 2024
langchain arbitrary code execution vulnerability Critical
CVE-2023-36258 was published for langchain (pip) Jul 3, 2023
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3... High Unreviewed
CVE-2021-38117 was published Nov 22, 2024
Plone Arbitrary Code Execution via Unsafe Handling of Pickles High
CVE-2007-5741 was published for plone (pip) May 1, 2022
There exists a code execution vulnerability in the Car App Android Jetpack Library. In the... High Unreviewed
CVE-2024-10382 was published Nov 20, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed
CVE-2024-52434 was published Nov 18, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed
CVE-2024-10094 was published Nov 20, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed
CVE-2024-52427 was published Nov 18, 2024
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-10899 was published Nov 20, 2024
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of... Critical Unreviewed
CVE-2024-50636 was published Nov 12, 2024
An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2023-29382 was published Jul 6, 2023
xalpha vulnerable to Remote Code Execution Critical
CVE-2023-37659 was published for xalpha (pip) Jul 11, 2023
Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers Critical
CVE-2009-0668 was published for ZODB3 (pip) May 2, 2022
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a... High Unreviewed
CVE-2024-50804 was published Nov 18, 2024
Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of... Critical Unreviewed
CVE-2024-50919 was published Nov 18, 2024
An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup... High Unreviewed
CVE-2024-52945 was published Nov 18, 2024
Code injection in ymlref Critical
CVE-2018-20133 was published for ymlref (pip) Dec 19, 2018
The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7... High Unreviewed
CVE-2024-11038 was published Nov 19, 2024
The The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in... High Unreviewed
CVE-2024-11036 was published Nov 19, 2024
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
ewjoachim
Log injection in uvicorn High
CVE-2020-7694 was published for uvicorn (pip) Jul 29, 2020
tdunlap607
TDQM Arbitrary Code Execution High
CVE-2016-10075 was published for tqdm (pip) May 14, 2022
JSONPath Plus Remote Code Execution (RCE) Vulnerability Critical
CVE-2024-21534 was published for jsonpath-plus (Maven) Oct 11, 2024
jdong10
Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine High
CVE-2024-45053 was published for ethyca-fides (pip) Sep 4, 2024
grmpyninja andres-torres-marroquin
adamsachs daveqnet
req may send an unintended request when a malformed URL is provided Moderate
CVE-2024-45258 was published for github.com/imroc/req (Go) Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database