GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,912
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,045
Maven 5,228
npm 3,737
NuGet 663
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,289

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,899 advisories

Filter by severity

Sort by

Least recently updated

ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval()... Critical Unreviewed

CVE-2024-21577 was published Dec 13, 2024

ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in... Critical Unreviewed

CVE-2024-21576 was published Dec 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-52057 was published Dec 13, 2024

The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary... Critical Unreviewed

CVE-2024-9290 was published Dec 13, 2024

A SQL injection vulnerability in /index.php in PHPGurukul Park Ticketing Management System v1.0... Critical Unreviewed

CVE-2024-54811 was published Dec 12, 2024

Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to... Critical Unreviewed

CVE-2024-49147 was published Dec 12, 2024

A SQL Injection vulnerability was found in /preschool/admin/password-recovery.php in PHPGurukul... Critical Unreviewed

CVE-2024-54810 was published Dec 12, 2024

A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring... Critical Unreviewed

CVE-2024-55099 was published Dec 12, 2024

ComfyUI-Impact-Pack is vulnerable to Path Traversal. The issue stems from missing validation of... Critical Unreviewed

CVE-2024-21575 was published Dec 12, 2024

A SQL injection vulnerability was found in phpgurukul Online Nurse Hiring System v1.0 in /admin... Critical Unreviewed

CVE-2024-54842 was published Dec 12, 2024

The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed

CVE-2024-21574 was published Dec 12, 2024

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable... Critical Unreviewed

CVE-2024-10124 was published Dec 12, 2024

The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-11015 was published Dec 12, 2024

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2,... Critical Unreviewed

CVE-2024-54534 was published Dec 12, 2024

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS... Critical Unreviewed

CVE-2024-44242 was published Dec 12, 2024

A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed

CVE-2024-54465 was published Dec 12, 2024

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Critical Unreviewed

CVE-2024-54506 was published Dec 12, 2024

This issue was addressed by using HTTPS when sending information over the network. This issue is... Critical Unreviewed

CVE-2024-54492 was published Dec 12, 2024

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS... Critical Unreviewed

CVE-2024-44241 was published Dec 12, 2024

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2024-49112 was published Dec 12, 2024

In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the... Critical Unreviewed

CVE-2024-55884 was published Dec 12, 2024

From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed

CVE-2024-42448 was published Dec 12, 2024

GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote... Critical Unreviewed

CVE-2024-11948 was published Dec 12, 2024

CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and... Critical Unreviewed

CVE-2024-11737 was published Dec 11, 2024

When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could... Critical Unreviewed

CVE-2024-11053 was published Dec 11, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,899 advisories