GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,266
Erlang: 31
GitHub Actions: 21
Go: 2,041
Maven: 5,000+
npm: 3,733
NuGet: 662
pip: 3,414
Pub: 12
RubyGems: 891
Rust: 866
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,871 advisories
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially...
Critical | Unreviewed | CVE-2024-29224 was published Dec 18, 2024
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP...
Critical | Unreviewed | CVE-2019-17082 was published Nov 26, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric...
Critical | Unreviewed | CVE-2024-55557 was published Dec 16, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow.
Critical | Unreviewed | CVE-2024-52949 was published Dec 17, 2024
Multiple Sitecore products allow remote code execution. This affects Experience Manager,...
Critical | Unreviewed | CVE-2023-35813 was published Jun 18, 2023
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in...
Critical | Unreviewed | CVE-2024-55085 was published Dec 17, 2024
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-29671 was published Dec 17, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-8972 was published Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support...
Critical | Unreviewed | CVE-2024-12356 was published Dec 17, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops...
Critical | Unreviewed | CVE-2024-10205 was published Dec 17, 2024
In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used...
Critical | Unreviewed | CVE-2024-52723 was published Nov 22, 2024
Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115...
Critical | Unreviewed | CVE-2024-28639 was published Mar 16, 2024
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an...
Critical | Unreviewed | CVE-2024-37018 was published May 31, 2024
A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring...
Critical | Unreviewed | CVE-2024-55099 was published Dec 12, 2024
In attp_build_read_by_type_value_cmd of att_protocol.cc, there is a possible out of bounds write...
Critical | Unreviewed | CVE-2024-0031 was published Feb 16, 2024
In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to...
Critical | Unreviewed | CVE-2023-29476 was published Dec 14, 2024
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during...
Critical | Unreviewed | CVE-2024-55969 was published Dec 15, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an...
Critical | Unreviewed | CVE-2024-55956 was published Dec 13, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia...
Critical | Unreviewed | CVE-2024-54465 was published Dec 12, 2024
Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows...
Critical | Unreviewed | CVE-2024-54229 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-54280 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows...
Critical | Unreviewed | CVE-2024-54285 was published Dec 16, 2024
The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user...
Critical | Unreviewed | CVE-2024-11144 was published Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team...
Critical | Unreviewed | CVE-2024-43234 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-55976 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API.