GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
266 advisories
Filter by severity
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges...
Moderate
Unreviewed
CVE-2024-47255
was published
Nov 5, 2024
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient
Verification of Data...
Moderate
Unreviewed
CVE-2024-47254
was published
Nov 5, 2024
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to...
High
Unreviewed
CVE-2024-7847
was published
Oct 14, 2024
The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional...
Moderate
Unreviewed
CVE-2024-47123
was published
Sep 26, 2024
The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted
messages without any...
Moderate
Unreviewed
CVE-2024-43108
was published
Sep 26, 2024
Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This...
Moderate
Unreviewed
CVE-2024-23922
was published
Sep 23, 2024
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in...
Moderate
Unreviewed
CVE-2022-4533
was published
Sep 19, 2024
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache...
High
Unreviewed
CVE-2023-28457
was published
Sep 18, 2024
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always...
Moderate
Unreviewed
CVE-2024-25584
was published
Sep 6, 2024
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in...
Moderate
Unreviewed
CVE-2022-4539
was published
Aug 31, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84...
High
Unreviewed
CVE-2024-7979
was published
Aug 21, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84...
High
Unreviewed
CVE-2024-7980
was published
Aug 21, 2024
Windows Print Spooler Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38198
was published
Aug 13, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0...
Moderate
Unreviewed
CVE-2023-28865
was published
Aug 8, 2024
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a...
High
Unreviewed
CVE-2024-7256
was published
Aug 1, 2024
Matrix Tafnit v8
-
CWE-646: Reliance on File Name or Extension of Externally-Supplied File
Moderate
Unreviewed
CVE-2024-38432
was published
Jul 30, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote...
High
Unreviewed
CVE-2024-3173
was published
Jul 17, 2024
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions...
High
Unreviewed
CVE-2024-33687
was published
Jun 24, 2024
Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue...
Low
Unreviewed
CVE-2022-44593
was published
Jun 21, 2024
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules...
High
Unreviewed
CVE-2024-30162
was published
Jun 7, 2024
An attacker with access to the private network (the charger is connected to) or local access to...
Moderate
Unreviewed
CVE-2024-5684
was published
Jun 6, 2024
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to...
High
Unreviewed
CVE-2024-3049
was published
Jun 6, 2024
Insufficient Verification of Data Authenticity vulnerability in Cozmoslabs Profile Builder allows...
Moderate
Unreviewed
CVE-2024-31341
was published
May 17, 2024
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for...
Moderate
Unreviewed
CVE-2024-27244
was published
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API