GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,649 advisories

Filter by severity

Sort by

Least recently updated

InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx... Critical Unreviewed

CVE-2024-30896 was published Nov 27, 2024

A non-admin user account on the Zabbix frontend with the default User role, or with any other... Critical Unreviewed

CVE-2024-42327 was published Nov 27, 2024

The HttpRequest object allows to get the HTTP headers from the server's response after sending... Critical Unreviewed

CVE-2024-42330 was published Nov 27, 2024

A improper verification of cryptographic signature vulnerability in plugin management in iota C... Critical Unreviewed

CVE-2024-52958 was published Nov 27, 2024

A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in... Critical Unreviewed

CVE-2024-52959 was published Nov 27, 2024

A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed

CVE-2024-53676 was published Nov 27, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed

CVE-2019-17082 was published Nov 26, 2024

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an... Critical Unreviewed

CVE-2024-11145 was published Nov 26, 2024

Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot... Critical Unreviewed

CVE-2024-49038 was published Nov 26, 2024

A flaw in handling fullscreen transitions may have inadvertently caused the application to become... Critical Unreviewed

CVE-2024-11698 was published Nov 26, 2024

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was... Critical Unreviewed

CVE-2024-11705 was published Nov 26, 2024

A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an... Critical Unreviewed

CVE-2024-11704 was published Nov 26, 2024

The executable file warning was not presented when downloading .library-ms files. *Note: This... Critical Unreviewed

CVE-2024-11693 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50370 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50374 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50371 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50373 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50372 was published Nov 26, 2024

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following... Critical Unreviewed

CVE-2024-50375 was published Nov 26, 2024

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation... Critical Unreviewed

CVE-2024-11024 was published Nov 26, 2024

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed

CVE-2024-11680 was published Nov 26, 2024

Wrong configuration in Touch Pal application can collect user behavior data without awareness by... Critical Unreviewed

CVE-2018-11922 was published Nov 26, 2024

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to... Critical Unreviewed

CVE-2017-17772 was published Nov 26, 2024

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not... Critical Unreviewed

CVE-2017-11076 was published Nov 26, 2024

"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. ... Critical Unreviewed

CVE-2024-33610 was published Nov 26, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,649 advisories