GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,659
Composer 4,237
Erlang 31
GitHub Actions 20
Go 1,996
Maven 5,181
npm 3,709
NuGet 661
pip 3,348
Pub 11
RubyGems 885
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 235,055

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,572 advisories

Filter by severity

Sort by

Least recently updated

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed

CVE-2018-9478 was published Nov 20, 2024

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed

CVE-2018-9471 was published Nov 20, 2024

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed

CVE-2018-9479 was published Nov 20, 2024

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed

CVE-2024-10094 was published Nov 20, 2024

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed

CVE-2024-9479 was published Nov 20, 2024

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed

CVE-2024-9478 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout... Critical Unreviewed

CVE-2024-52440 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed

CVE-2024-52439 was published Nov 20, 2024

Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation... Critical Unreviewed

CVE-2024-52442 was published Nov 20, 2024

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Critical Unreviewed

CVE-2024-52441 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object... Critical Unreviewed

CVE-2024-52443 was published Nov 20, 2024

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11... Critical Unreviewed

CVE-2024-10127 was published Nov 20, 2024

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in... Critical Unreviewed

CVE-2024-52759 was published Nov 19, 2024

Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ... Critical Unreviewed

CVE-2024-52714 was published Nov 19, 2024

In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing... Critical Unreviewed

CVE-2018-9341 was published Nov 19, 2024

The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is... Critical Unreviewed

CVE-2024-42450 was published Nov 19, 2024

Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a... Critical Unreviewed

CVE-2024-52401 was published Nov 19, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect... Critical Unreviewed

CVE-2024-52402 was published Nov 19, 2024

AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account. Critical Unreviewed

CVE-2024-51051 was published Nov 19, 2024

An arbitrary file upload vulnerability in the component /main/fileupload.php of AVSCMS v8.2.0... Critical Unreviewed

CVE-2024-51053 was published Nov 18, 2024

Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of... Critical Unreviewed

CVE-2024-50919 was published Nov 18, 2024

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated... Critical Unreviewed

CVE-2024-0012 was published Nov 18, 2024

Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection... Critical Unreviewed

CVE-2024-52430 was published Nov 18, 2024

Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows... Critical Unreviewed

CVE-2024-52432 was published Nov 18, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup... Critical Unreviewed

CVE-2024-52429 was published Nov 18, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,572 advisories