GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 18,815
Composer 3,648
Erlang 29
GitHub Actions 16
Go 1,705
Maven 4,937
npm 3,470
NuGet 603
pip 2,984
Pub 10
RubyGems 826
Rust 772
Swift 34

Unreviewed advisories

All unreviewed 218,294

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,941 advisories

Filter by severity

Sort by

Least recently updated

Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify... Critical Unreviewed

CVE-2024-33644 was published May 17, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in MainWP MainWP Code... Critical Unreviewed

CVE-2023-23645 was published May 17, 2024

A command injection vulnerability exists in the RunGptLLM class of the llama_index library,... High Unreviewed

CVE-2024-4181 was published May 16, 2024

A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1... High Unreviewed

CVE-2024-3892 was published May 15, 2024

In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack... High Unreviewed

CVE-2024-4202 was published May 15, 2024

An issue was identified in the Identity Security Cloud (ISC) Transform preview and... Critical Unreviewed

CVE-2024-3319 was published May 15, 2024

PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2023-39469 was published May 3, 2024

URL GET parameter "logtime" utilized within the "downloadlog" function from "cbpi/http_endpoints... Unknown Unreviewed

CVE-2024-3955 was published May 2, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Eli Scheetz Anti... Critical Unreviewed

CVE-2024-22144 was published Apr 25, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced... Critical Unreviewed

CVE-2024-31266 was published Apr 25, 2024

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug... Moderate Unreviewed

CVE-2024-20359 was published Apr 24, 2024

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows... High Unreviewed

CVE-2024-4040 was published Apr 22, 2024

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed

CVE-2024-29991 was published Apr 19, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy... Critical Unreviewed

CVE-2024-32599 was published Apr 18, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The... Unknown Unreviewed

CVE-2024-31861 was published Apr 11, 2024

An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version... Critical Unreviewed

CVE-2023-45590 was published Apr 9, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS <=11.0 that may allow a remote... Moderate Unreviewed

CVE-2024-25706 was published Apr 4, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Cwicly Builder, SL.... Critical Unreviewed

CVE-2024-24707 was published Apr 3, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto... Critical Unreviewed

CVE-2024-25096 was published Apr 3, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Oxygen Builder... Critical Unreviewed

CVE-2024-31380 was published Apr 3, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Soflyy Breakdance... Critical Unreviewed

CVE-2024-31390 was published Apr 3, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Inpersttion Slivery... High Unreviewed

CVE-2024-27191 was published Apr 3, 2024

SCM Software is a client and server application. An Authenticated System manager client can... High Unreviewed

CVE-2024-0400 was published Mar 27, 2024

A vulnerability, which was classified as critical, was found in ZhiCms 4.0. Affected is the... Moderate Unreviewed

CVE-2024-2016 was published Mar 21, 2024

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-2497 was published Mar 15, 2024

Previous 1 2 3 4 5 … 117 118 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,941 advisories