GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,648
Erlang
29
GitHub Actions
16
Go
1,705
Maven
4,937
npm
3,470
NuGet
603
pip
2,982
Pub
10
RubyGems
826
Rust
770
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,441 advisories
Filter by severity
An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate...
Moderate
Unreviewed
CVE-2023-51820
was published
Feb 2, 2024
An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute...
Critical
Unreviewed
CVE-2023-50488
was published
Feb 2, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial...
High
Unreviewed
CVE-2021-22282
was published
Feb 2, 2024
Beetl Server-Side Template Injection vulnerability
Critical
CVE-2024-22533
was published
for
com.ibeetl:beetl-core
(Maven)
Feb 2, 2024
Miro Desktop 0.8.18 on macOS allows Electron code injection.
Critical
Unreviewed
CVE-2024-23746
was published
Feb 2, 2024
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by...
Low
Unreviewed
CVE-2024-0325
was published
Feb 2, 2024
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote...
High
Unreviewed
CVE-2023-47257
was published
Feb 2, 2024
A vulnerability was found in openBI up to 1.0.8. It has been declared as critical. Affected by...
High
Unreviewed
CVE-2024-1117
was published
Jan 31, 2024
vantage6 remote code execution vulnerability
High
CVE-2024-21649
was published
for
vantage6
(pip)
Jan 30, 2024
HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker...
Moderate
Unreviewed
CVE-2023-37518
was published
Jan 30, 2024
Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07...
Critical
Unreviewed
CVE-2024-1015
was published
Jan 29, 2024
Arbitrary Code Execution in Processwire
High
CVE-2023-24676
was published
for
processwire/processwire
(Composer)
Jan 24, 2024
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root...
High
Unreviewed
CVE-2023-31037
was published
Jan 24, 2024
Code execution in Embedchain
Critical
CVE-2024-23731
was published
for
embedchain
(pip)
Jan 21, 2024
Code Injection in paddlepaddle
Critical
CVE-2024-0521
was published
for
paddlepaddle
(pip)
Jan 20, 2024
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue...
Moderate
Unreviewed
CVE-2024-0738
was published
Jan 20, 2024
Sandbox escape in Artemis Java Test Sandbox
High
CVE-2024-23681
was published
for
de.tum.in.ase:artemis-java-test-sandbox
(Maven)
Jan 19, 2024
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ...
Moderate
Unreviewed
CVE-2023-6548
was published
Jan 17, 2024
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in...
Critical
Unreviewed
CVE-2022-1609
was published
Jan 16, 2024
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of...
High
Unreviewed
CVE-2023-22526
was published
Jan 16, 2024
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of...
High
Unreviewed
CVE-2024-21672
was published
Jan 16, 2024
This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of...
High
Unreviewed
CVE-2024-21673
was published
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API