Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,268
Erlang
31
GitHub Actions
21
Go
2,042
Maven
5,000+
npm
3,736
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
867
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,877 advisories

Loading
A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5... Critical Unreviewed
CVE-2023-34990 was published Dec 18, 2024
Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object... Critical Unreviewed
CVE-2024-56058 was published Dec 18, 2024
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Critical Unreviewed
CVE-2024-56059 was published Dec 18, 2024
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what... Critical Unreviewed
CVE-2024-4995 was published Dec 18, 2024
Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed
CVE-2024-4996 was published Dec 18, 2024
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed
CVE-2024-12287 was published Dec 18, 2024
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially... Critical Unreviewed
CVE-2024-29224 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8972 was published Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support... Critical Unreviewed
CVE-2024-12356 was published Dec 17, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops... Critical Unreviewed
CVE-2024-10205 was published Dec 17, 2024
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed
CVE-2024-55085 was published Dec 17, 2024
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to... Critical Unreviewed
CVE-2024-29671 was published Dec 17, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow. Critical Unreviewed
CVE-2024-52949 was published Dec 17, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed
CVE-2024-55557 was published Dec 16, 2024
The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user... Critical Unreviewed
CVE-2024-11144 was published Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team... Critical Unreviewed
CVE-2024-43234 was published Dec 16, 2024
Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows... Critical Unreviewed
CVE-2024-54229 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54280 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed
CVE-2024-54285 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55976 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55980 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55988 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55982 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55972 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-55981 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database