GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,939 advisories
Filter by severity
Remote code execution in php-heic-to-jpg
High
CVE-2024-48514
was published
for
maestroerror/php-heic-to-jpg
(Composer)
Oct 24, 2024
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
High
CVE-2024-47879
was published
for
org.openrefine:main
(Maven)
Oct 24, 2024
OS Command Injection in Snyk gradle plugin
High
CVE-2024-48964
was published
for
snyk-gradle-plugin
(npm)
Oct 23, 2024
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and...
Moderate
Unreviewed
CVE-2024-20485
was published
Oct 23, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Critical
Unreviewed
CVE-2024-35314
was published
Oct 21, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Moderate
Unreviewed
CVE-2024-35315
was published
Oct 21, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35285
was published
Oct 21, 2024
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and...
High
Unreviewed
CVE-2024-41714
was published
Oct 21, 2024
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow...
Moderate
Unreviewed
CVE-2024-41712
was published
Oct 21, 2024
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High
Unreviewed
CVE-2024-9593
was published
Oct 18, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-27766
was published
Oct 18, 2024
Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated...
Moderate
Unreviewed
CVE-2023-39593
was published
Oct 18, 2024
MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability.
Critical
Unreviewed
CVE-2023-26785
was published
Oct 18, 2024
Flair allows arbitrary code execution
Moderate
CVE-2024-10073
was published
for
flair
(pip)
Oct 17, 2024
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High
Unreviewed
CVE-2024-45766
was published
Oct 17, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate
Unreviewed
CVE-2024-48744
was published
Oct 16, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code...
Critical
Unreviewed
CVE-2024-49254
was published
Oct 16, 2024
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is...
High
Unreviewed
CVE-2024-9061
was published
Oct 16, 2024
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &...
High
Unreviewed
CVE-2024-48279
was published
Oct 15, 2024
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9837
was published
Oct 15, 2024
A stack overflow vulnerability exists in the sub_402280 function of the HNAP service of D-Link...
Critical
Unreviewed
CVE-2024-48168
was published
Oct 14, 2024
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate
Unreviewed
CVE-2024-41997
was published
Oct 14, 2024
The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection...
Moderate
Unreviewed
CVE-2024-8760
was published
Oct 12, 2024
A vulnerability was discovered in FBM_292W-21.03.10V, which has been classified as critical. This...
High
Unreviewed
CVE-2024-44414
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API