GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,746

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,636 advisories

Filter by severity

Sort by

Least recently updated

A non-admin user account on the Zabbix frontend with the default User role, or with any other... Critical Unreviewed

CVE-2024-42327 was published Nov 27, 2024

The HttpRequest object allows to get the HTTP headers from the server's response after sending... Critical Unreviewed

CVE-2024-42330 was published Nov 27, 2024

A improper verification of cryptographic signature vulnerability in plugin management in iota C... Critical Unreviewed

CVE-2024-52958 was published Nov 27, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed

CVE-2024-52959 was published Nov 27, 2024

A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed

CVE-2024-53676 was published Nov 27, 2024

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed

CVE-2024-11145 was published Nov 26, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot... Critical Unreviewed

CVE-2024-49038 was published Nov 26, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed

CVE-2019-17082 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50371 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50370 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50372 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50374 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50373 was published Nov 26, 2024

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following... Critical Unreviewed

CVE-2024-50375 was published Nov 26, 2024

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation... Critical Unreviewed

CVE-2024-11024 was published Nov 26, 2024

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed

CVE-2024-11680 was published Nov 26, 2024

Wrong configuration in Touch Pal application can collect user behavior data without awareness by... Critical Unreviewed

CVE-2018-11922 was published Nov 26, 2024

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to... Critical Unreviewed

CVE-2017-17772 was published Nov 26, 2024

There are several hidden accounts. Some of them are intended for maintenance engineers, and with... Critical Unreviewed

CVE-2024-35244 was published Nov 26, 2024

"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. ... Critical Unreviewed

CVE-2024-33610 was published Nov 26, 2024

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not... Critical Unreviewed

CVE-2017-11076 was published Nov 26, 2024

API keys for some cloud services are hardcoded in the "main" binary. As for the details of... Critical Unreviewed

CVE-2024-36248 was published Nov 26, 2024

The web interface of the affected devices processes a cookie value improperly, leading to a stack... Critical Unreviewed

CVE-2024-28038 was published Nov 26, 2024

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-10542 was published Nov 26, 2024

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they... Critical Unreviewed

CVE-2024-11666 was published Nov 25, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,636 advisories