GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,512
Composer 4,179
Erlang 31
GitHub Actions 19
Go 1,982
Maven 5,155
npm 3,701
NuGet 656
pip 3,323
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 233,005

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,403 advisories

Filter by severity

Sort by

Least recently updated

An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to... Critical Unreviewed

CVE-2024-51136 was published Nov 4, 2024

The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15... Critical Unreviewed

CVE-2024-23674 was published Feb 16, 2024

This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in... Critical Unreviewed

CVE-2024-51561 was published Nov 4, 2024

IBOS v4.5.5 has an arbitrary file deletion vulnerability via \system\modules\dashboard... Critical Unreviewed

CVE-2024-28265 was published Nov 1, 2024

An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in... Critical Unreviewed

CVE-2024-42773 was published Aug 22, 2024

S-Lang 2.3.2 was discovered to contain a segmentation fault via the function fixup_tgetstr(). Critical Unreviewed

CVE-2023-45929 was published Mar 27, 2024

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless... Critical Unreviewed

CVE-2024-20418 was published Nov 6, 2024

DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability. Critical Unreviewed

CVE-2024-51115 was published Nov 6, 2024

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of... Critical Unreviewed

CVE-2024-48176 was published Nov 6, 2024

An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute... Critical Unreviewed

CVE-2024-48746 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-47460 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-42509 was published Nov 6, 2024

In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of... Critical Unreviewed

CVE-2023-20918 was published Jul 13, 2023

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It... Critical Unreviewed

CVE-2024-10914 was published Nov 6, 2024

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It... Critical Unreviewed

CVE-2024-10915 was published Nov 6, 2024

The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability... Critical Unreviewed

CVE-2024-9307 was published Nov 6, 2024

The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-8615 was published Nov 6, 2024

The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-8614 was published Nov 6, 2024

An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed

CVE-2024-7012 was published Sep 4, 2024

An arbitrary file upload vulnerability in the Ueditor component of productinfoquick v1.0 allows... Critical Unreviewed

CVE-2024-41577 was published Aug 12, 2024

LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily... Critical Unreviewed

CVE-2024-51431 was published Nov 1, 2024

Script injection vulnerability in the email module.Successful exploitation of this vulnerability... Critical Unreviewed

CVE-2023-52381 was published Feb 18, 2024

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote... Critical Unreviewed

CVE-2024-51327 was published Nov 4, 2024

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an... Critical Unreviewed

CVE-2024-47406 was published Oct 25, 2024

Fujian Kelixin Communication Command and Dispatch Platform <=7.6.6.4391 is vulnerable to SQL... Critical Unreviewed

CVE-2024-45918 was published Oct 8, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,403 advisories