GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
249,130 advisories
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5...
Severity: High | Unreviewed | CVE-2023-43585 was published Dec 14, 2023

Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of...
Severity: Moderate | Unreviewed | CVE-2023-39215 was published Sep 12, 2023

Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure...
Severity: Moderate | Unreviewed | CVE-2024-24698 was published Feb 14, 2024

Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an...
Severity: High | Unreviewed | CVE-2023-43591 was published Nov 15, 2023

Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom...
Severity: Moderate | Unreviewed | CVE-2023-39203 was published Nov 15, 2023

A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05...
Severity: Unknown | Unreviewed | CVE-2024-46453 was published Sep 27, 2024

A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by...
Severity: Moderate | Unreviewed | CVE-2024-9293 was published Sep 27, 2024

Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote...
Severity: High | Unreviewed | CVE-2024-33369 was published Sep 27, 2024

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to...
Severity: Moderate | Unreviewed | CVE-2024-9291 was published Sep 27, 2024

An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could...
Severity: High | Unreviewed | CVE-2024-6436 was published Sep 27, 2024

An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary...
Severity: High | Unreviewed | CVE-2024-33368 was published Sep 27, 2024

The Visual Sound (old) WordPress plugin through 1.06 does not have CSRF check in place when...
Severity: Moderate | Unreviewed | CVE-2024-8047 was published Sep 17, 2024

The AI Engine WordPress plugin before 2.4.8 does not properly sanitise and escape a parameter...
Severity: Moderate | Unreviewed | CVE-2024-6723 was published Sep 13, 2024

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered.
Severity: Moderate | Unreviewed | CVE-2024-9160 was published Sep 27, 2024

There is a command injection vulnerability that may allow an attacker to inject malicious input...
Severity: High | Unreviewed | CVE-2024-45682 was published Sep 17, 2024

The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape...
Severity: Moderate | Unreviewed | CVE-2024-6493 was published Sep 13, 2024

The MM-Breaking News WordPress plugin through 0.7.9 does not escape the $_SERVER['REQUEST_URI']...
Severity: Moderate | Unreviewed | CVE-2024-8056 was published Sep 12, 2024

Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options...
Severity: Low | Unreviewed | CVE-2024-8258 was published Sep 10, 2024

The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for...
Severity: Moderate | Unreviewed | CVE-2024-7133 was published Sep 13, 2024

The NinjaTeam Header Footer Custom Code WordPress plugin before 1.2 does not sanitise and escape...
Severity: Moderate | Unreviewed | CVE-2024-6617 was published Sep 13, 2024

Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows...
Severity: High | Unreviewed | CVE-2023-39211 was published Aug 9, 2023

Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an...
Severity: Critical | Unreviewed | CVE-2023-39216 was published Aug 8, 2023

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an...
Severity: Moderate | Unreviewed | CVE-2023-36535 was published Aug 8, 2023

OpenStack Keystone Allows Remote User Account Creation
Severity: High | CVE-2012-3542 was published for keystone (pip) May 17, 2022

LangChain vulnerable to arbitrary code execution
Severity: Critical | CVE-2023-39659 was published for langchain (pip) Aug 15, 2023
ProTip! Advisories are also available from the GraphQL API.