GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
719 advisories
PrismJS DOM Clobbering vulnerability
Moderate
CVE-2024-53382
was published
for
prismjs
(npm)
Mar 3, 2025
Mautic allows Remote Code Execution and File Deletion in Asset Uploads
Critical
CVE-2024-47051
was published
for
mautic/core
(Composer)
Feb 26, 2025
Plenti - Code Injection - Denial of Services
Moderate
CVE-2025-26260
was published
for
github.com/plentico/plenti
(Go)
Feb 5, 2025
Mongoose search injection vulnerability
Critical
CVE-2025-23061
was published
for
mongoose
(npm)
Jan 15, 2025
Apache MINA Deserialization RCE Vulnerability
Critical
CVE-2024-52046
was published
for
org.apache.mina:mina-core
(Maven)
Dec 25, 2024
Gogs allows argument injection during the previewing of changes
Critical
CVE-2024-39932
was published
for
gogs.io/gogs
(Go)
Dec 23, 2024
Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)
High
CVE-2024-56334
was published
for
systeminformation
(npm)
Dec 20, 2024
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
High
CVE-2024-56327
was published
for
pyrage
(pip)
Dec 19, 2024
Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
Critical
CVE-2024-56145
was published
for
craftcms/cms
(Composer)
Dec 18, 2024
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
High
CVE-2024-55661
was published
for
laravel/pulse
(Composer)
Dec 13, 2024
Angular Expressions - Remote Code Execution when using locals
Critical
CVE-2024-54152
was published
for
angular-expressions
(npm)
Dec 10, 2024
ProTip!
Advisories are also available from the
GraphQL API