GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,148 advisories
Filter by severity
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code...
High
Unreviewed
CVE-2024-44623
was published
Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly restrict access to the system settings...
High
Unreviewed
CVE-2024-8779
was published
Sep 16, 2024
Certain models of D-Link wireless routers contain hidden functionality. By sending specific...
High
Unreviewed
CVE-2024-45696
was published
Sep 16, 2024
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the...
High
Unreviewed
CVE-2024-46424
was published
Sep 16, 2024
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and...
High
Unreviewed
CVE-2024-46938
was published
Sep 16, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High
Unreviewed
CVE-2024-45698
was published
Sep 16, 2024
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-45459
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-44053
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-44060
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-45458
was published
Sep 16, 2024
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High
Unreviewed
CVE-2024-8479
was published
Sep 16, 2024
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-8271
was published
Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for...
High
Unreviewed
CVE-2024-8246
was published
Sep 16, 2024
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-6482
was published
Sep 16, 2024
In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper...
High
Unreviewed
CVE-2024-44094
was published
Sep 13, 2024
In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic...
High
Unreviewed
CVE-2024-44095
was published
Sep 13, 2024
In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code...
High
Unreviewed
CVE-2024-44092
was published
Sep 13, 2024
there is a possible escalation of privilege due to an unusual root cause. This could lead to...
High
Unreviewed
CVE-2024-29779
was published
Sep 13, 2024
In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic...
High
Unreviewed
CVE-2024-44093
was published
Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8280
was published
Sep 13, 2024
The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a...
High
Unreviewed
CVE-2024-45368
was published
Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8281
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8279
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8278
was published
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API