GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,672 advisories

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials,...
Critical | Unreviewed | CVE-2024-49805 was published Nov 29, 2024

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated...
Critical | Unreviewed | CVE-2024-49803 was published Nov 29, 2024

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials,...
Critical | Unreviewed | CVE-2024-49806 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52778 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52781 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52779 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52777 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52780 was published Nov 29, 2024

DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are...
Critical | Unreviewed | CVE-2024-52782 was published Nov 29, 2024

Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could...
Critical | Unreviewed | CVE-2024-11992 was published Nov 29, 2024

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are...
Critical | Unreviewed | CVE-2024-50357 was published Nov 29, 2024

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and...
Critical | Unreviewed | CVE-2024-11482 was published Nov 29, 2024

Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication...
Critical | Unreviewed | CVE-2024-11980 was published Nov 29, 2024

DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of...
Critical | Unreviewed | CVE-2024-11979 was published Nov 29, 2024

Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package...
Critical | Unreviewed | CVE-2024-52338 was published Nov 28, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform...
Critical | Unreviewed | CVE-2024-52475 was published Nov 28, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-52474 was published Nov 28, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web...
Critical | Unreviewed | CVE-2024-52490 was published Nov 28, 2024

The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is...
Critical | Unreviewed | CVE-2024-8672 was published Nov 28, 2024

The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account...
Critical | Unreviewed | CVE-2024-11103 was published Nov 28, 2024

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2024-11082 was published Nov 28, 2024

The JobSearch WP Job Board plugin for WordPress is vulnerable to privilege escalation in all...
Critical | Unreviewed | CVE-2024-11925 was published Nov 28, 2024

InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx...
Critical | Unreviewed | CVE-2024-30896 was published Nov 27, 2024

A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID...
Critical | Unreviewed | CVE-2024-53604 was published Nov 27, 2024

A non-admin user account on the Zabbix frontend with the default User role, or with any other...
Critical | Unreviewed | CVE-2024-42327 was published Nov 27, 2024

ProTip! Advisories are also available from the GraphQL API.