Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,672 advisories

Loading
IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials,... Critical Unreviewed
CVE-2024-49805 was published Nov 29, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated... Critical Unreviewed
CVE-2024-49803 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52781 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52782 was published Nov 29, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.8 contains hard-coded credentials,... Critical Unreviewed
CVE-2024-49806 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52778 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52779 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L, <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52777 was published Nov 29, 2024
DCME-320 <=7.4.12.90, DCME-520 <=9.25.5.11, DCME-320-L <=9.3.5.26, and DCME-720 <=9.1.5.11 are... Critical Unreviewed
CVE-2024-52780 was published Nov 29, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated... Critical Unreviewed
CVE-2024-0012 was published Nov 18, 2024
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability,... Critical Unreviewed
CVE-2024-28987 was published Aug 22, 2024
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID... Critical Unreviewed
CVE-2024-53604 was published Nov 27, 2024
Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could... Critical Unreviewed
CVE-2024-11992 was published Nov 29, 2024
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package... Critical Unreviewed
CVE-2024-52338 was published Nov 28, 2024
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed
CVE-2023-42793 was published Sep 19, 2023
The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura... Critical Unreviewed
CVE-2023-41993 was published Sep 21, 2023
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and... Critical Unreviewed
CVE-2024-11482 was published Nov 29, 2024
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are... Critical Unreviewed
CVE-2024-50357 was published Nov 29, 2024
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment... Critical Unreviewed
CVE-2022-48174 was published Aug 22, 2023
Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication... Critical Unreviewed
CVE-2024-11980 was published Nov 29, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11979 was published Nov 29, 2024
The Contest Gallery plugin for WordPress is vulnerable to privilege escalation via account... Critical Unreviewed
CVE-2024-11103 was published Nov 28, 2024
The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-11082 was published Nov 28, 2024
The JobSearch WP Job Board plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-11925 was published Nov 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform... Critical Unreviewed
CVE-2024-52475 was published Nov 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database