GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,998
Maven: 5,000+
npm: 3,710
NuGet: 661
pip: 3,364
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,572 advisories
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-38655 was published Nov 13, 2024

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical | Unreviewed | CVE-2024-10217 was published Nov 12, 2024

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical | Unreviewed | CVE-2024-10218 was published Nov 12, 2024

The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to...
Critical | Unreviewed | CVE-2023-52268 was published Nov 12, 2024

Windows Kerberos Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2024-43639 was published Nov 12, 2024

Azure CycleCloud Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2024-43602 was published Nov 12, 2024

An authentication bypass vulnerability exists in the affected product. The vulnerability exists...
Critical | Unreviewed | CVE-2024-10943 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11006 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11005 was published Nov 12, 2024

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
Critical | Unreviewed | CVE-2024-50330 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11007 was published Nov 12, 2024

Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical | Unreviewed | CVE-2024-8074 was published Nov 12, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical | Unreviewed | CVE-2024-46890 was published Nov 12, 2024

A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910...
Critical | Unreviewed | CVE-2024-44102 was published Nov 12, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical | Unreviewed | CVE-2024-46888 was published Nov 12, 2024

The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical | Unreviewed | CVE-2024-10245 was published Nov 12, 2024

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer...
Critical | Unreviewed | CVE-2024-52533 was published Nov 12, 2024

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter.
Critical | Unreviewed | CVE-2024-25254 was published Nov 12, 2024

PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of...
Critical | Unreviewed | CVE-2024-50636 was published Nov 12, 2024

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build...
Critical | Unreviewed | CVE-2024-25255 was published Nov 12, 2024

The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for...
Critical | Unreviewed | CVE-2024-46962 was published Nov 11, 2024

Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.
Critical | Unreviewed | CVE-2024-44546 was published Nov 11, 2024

The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm...
Critical | Unreviewed | CVE-2024-50667 was published Nov 11, 2024

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an...
Critical | Unreviewed | CVE-2024-36061 was published Nov 11, 2024

A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage...
Critical | Unreviewed | CVE-2024-50989 was published Nov 11, 2024
ProTip! Advisories are also available from the GraphQL API