GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,572 advisories
Filter by severity
Unrestricted Upload of File with Dangerous Type vulnerability in Bigfive CF7 Reply Manager.This...
Critical
Unreviewed
CVE-2024-52404
was published
Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Clarisse K. Writer Helper allows...
Critical
Unreviewed
CVE-2024-52399
was published
Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WPExperts User Management allows...
Critical
Unreviewed
CVE-2024-52403
was published
Nov 17, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI.This issue affects...
Critical
Unreviewed
CVE-2024-52398
was published
Nov 17, 2024
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file...
Critical
Unreviewed
CVE-2024-8856
was published
Nov 16, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45970
was published
Nov 15, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45971
was published
Nov 15, 2024
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021,
avoid possible mbuf double...
Critical
Unreviewed
CVE-2024-10934
was published
Nov 15, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20036
was published
Nov 15, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an...
Critical
Unreviewed
CVE-2023-20154
was published
Nov 15, 2024
Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-10443
was published
Nov 15, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
The ventilator's microcontroller lacks memory protection. An attacker could connect to the...
Critical
Unreviewed
CVE-2024-48970
was published
Nov 15, 2024
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for...
Critical
Unreviewed
CVE-2024-48967
was published
Nov 15, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical
Unreviewed
CVE-2024-48974
was published
Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical
Unreviewed
CVE-2024-48971
was published
Nov 15, 2024
The debug port on the ventilator's serial interface is enabled by default. This could allow an...
Critical
Unreviewed
CVE-2024-48973
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Critical
Unreviewed
CVE-2024-9832
was published
Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
Critical
Unreviewed
CVE-2024-9834
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket...
Critical
Unreviewed
CVE-2024-52369
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –...
Critical
Unreviewed
CVE-2024-52370
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer...
Critical
Unreviewed
CVE-2024-52372
was published
Nov 14, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege...
Critical
Unreviewed
CVE-2024-52382
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API