GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,737
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,755

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,649 advisories

Filter by severity

Sort by

Least recently updated

A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an... Critical Unreviewed

CVE-2024-11704 was published Nov 26, 2024

Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version... Critical Unreviewed

CVE-2024-29292 was published Nov 20, 2024

EventAttendance.php in ChurchCRM 5.7.0 is vulnerable to SQL injection. An attacker can exploit... Critical Unreviewed

CVE-2024-53438 was published Nov 22, 2024

An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard... Critical Unreviewed

CVE-2024-51367 was published Nov 21, 2024

A flaw in handling fullscreen transitions may have inadvertently caused the application to become... Critical Unreviewed

CVE-2024-11698 was published Nov 26, 2024

An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP... Critical Unreviewed

CVE-2024-44758 was published Nov 15, 2024

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was... Critical Unreviewed

CVE-2024-11705 was published Nov 26, 2024

A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows... Critical Unreviewed

CVE-2024-50672 was published Nov 25, 2024

The executable file warning was not presented when downloading .library-ms files. *Note: This... Critical Unreviewed

CVE-2024-11693 was published Nov 26, 2024

DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the... Critical Unreviewed

CVE-2024-52771 was published Nov 20, 2024

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker... Critical Unreviewed

CVE-2024-33439 was published Nov 20, 2024

An LDAP injection vulnerability in the login page of Gladinet CentreStack v13.12.9934.54690... Critical Unreviewed

CVE-2024-37782 was published Nov 22, 2024

InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx... Critical Unreviewed

CVE-2024-30896 was published Nov 27, 2024

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed

CVE-2024-5910 was published Jul 10, 2024

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and... Critical Unreviewed

CVE-2023-35830 was published Jun 29, 2023

A non-admin user account on the Zabbix frontend with the default User role, or with any other... Critical Unreviewed

CVE-2024-42327 was published Nov 27, 2024

The HttpRequest object allows to get the HTTP headers from the server's response after sending... Critical Unreviewed

CVE-2024-42330 was published Nov 27, 2024

A improper verification of cryptographic signature vulnerability in plugin management in iota C... Critical Unreviewed

CVE-2024-52958 was published Nov 27, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed

CVE-2024-52959 was published Nov 27, 2024

A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed

CVE-2024-53676 was published Nov 27, 2024

Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker... Critical Unreviewed

CVE-2023-34844 was published Jun 29, 2023

HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed

CVE-2024-52677 was published Nov 20, 2024

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed

CVE-2024-11145 was published Nov 26, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot... Critical Unreviewed

CVE-2024-49038 was published Nov 26, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed

CVE-2019-17082 was published Nov 26, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,649 advisories