Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,648
Erlang
29
GitHub Actions
16
Go
1,705
Maven
4,937
npm
3,470
NuGet
603
pip
2,982
Pub
10
RubyGems
826
Rust
770
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,441 advisories

An issue in Blurams Lumi Security Camera (A31C) v.2.3.38.12558 allows a physically proximate... Moderate Unreviewed
CVE-2023-51820 was published Feb 2, 2024
An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute... Critical Unreviewed
CVE-2023-50488 was published Feb 2, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial... High Unreviewed
CVE-2021-22282 was published Feb 2, 2024
Beetl Server-Side Template Injection vulnerability Critical
CVE-2024-22533 was published for com.ibeetl:beetl-core (Maven) Feb 2, 2024
yoshizawa-masatoshi
Miro Desktop 0.8.18 on macOS allows Electron code injection. Critical Unreviewed
CVE-2024-23746 was published Feb 2, 2024
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by... Low Unreviewed
CVE-2024-0325 was published Feb 2, 2024
ConnectWise ScreenConnect through 23.8.4 allows man-in-the-middle attackers to achieve remote... High Unreviewed
CVE-2023-47257 was published Feb 2, 2024
A vulnerability was found in openBI up to 1.0.8. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-1117 was published Jan 31, 2024
vantage6 remote code execution vulnerability High
CVE-2024-21649 was published for vantage6 (pip) Jan 30, 2024
HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker... Moderate Unreviewed
CVE-2023-37518 was published Jan 30, 2024
Remote command execution vulnerability in SE-elektronic GmbH E-DDC3.3 affecting versions 03.07... Critical Unreviewed
CVE-2024-1015 was published Jan 29, 2024
Arbitrary Code Execution in Processwire High
CVE-2023-24676 was published for processwire/processwire (Composer) Jan 24, 2024
NVIDIA Bluefield 2 and Bluefield 3 DPU BMC contains a vulnerability in ipmitool, where a root... High Unreviewed
CVE-2023-31037 was published Jan 24, 2024
Code execution in pandasai Critical
CVE-2024-23752 was published for pandasai (pip) Jan 22, 2024
Code execution in metagpt High
CVE-2024-23750 was published for metagpt (pip) Jan 22, 2024
Code execution in Embedchain Critical
CVE-2024-23731 was published for embedchain (pip) Jan 21, 2024
Code Injection in paddlepaddle Critical
CVE-2024-0521 was published for paddlepaddle (pip) Jan 20, 2024
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue... Moderate Unreviewed
CVE-2024-0738 was published Jan 20, 2024
Sandbox escape in Artemis Java Test Sandbox High
CVE-2024-23681 was published for de.tum.in.ase:artemis-java-test-sandbox (Maven) Jan 19, 2024
Arbitrary Code Execution in Pillow High
CVE-2023-50447 was published for Pillow (pip) Jan 19, 2024
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ... Moderate Unreviewed
CVE-2023-6548 was published Jan 17, 2024
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in... Critical Unreviewed
CVE-2022-1609 was published Jan 16, 2024
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of... High Unreviewed
CVE-2023-22526 was published Jan 16, 2024
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of... High Unreviewed
CVE-2024-21672 was published Jan 16, 2024
This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of... High Unreviewed
CVE-2024-21673 was published Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API