Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,290
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,743
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

24,086 advisories

Loading
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what... Critical Unreviewed
CVE-2024-4995 was published Dec 18, 2024
Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed
CVE-2024-4996 was published Dec 18, 2024
Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object... Critical Unreviewed
CVE-2024-56058 was published Dec 18, 2024
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Critical Unreviewed
CVE-2024-56059 was published Dec 18, 2024
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed
CVE-2024-12287 was published Dec 18, 2024
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2024-29646 was published Dec 18, 2024
rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set... Critical Unreviewed
CVE-2024-31668 was published Dec 18, 2024
An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially... Critical Unreviewed
CVE-2024-29224 was published Dec 18, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The... Critical Unreviewed
CVE-2024-55516 was published Dec 17, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component... Critical Unreviewed
CVE-2024-55513 was published Dec 17, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component... Critical Unreviewed
CVE-2024-55515 was published Dec 17, 2024
Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf... Critical Unreviewed
CVE-2024-54662 was published Dec 17, 2024
A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project... Critical Unreviewed
CVE-2024-55496 was published Dec 17, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8972 was published Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support... Critical Unreviewed
CVE-2024-12356 was published Dec 17, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops... Critical Unreviewed
CVE-2024-10205 was published Dec 17, 2024
GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in... Critical Unreviewed
CVE-2024-55085 was published Dec 17, 2024
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to... Critical Unreviewed
CVE-2024-29671 was published Dec 17, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow. Critical Unreviewed
CVE-2024-52949 was published Dec 17, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed
CVE-2024-55557 was published Dec 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-54280 was published Dec 16, 2024
The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user... Critical Unreviewed
CVE-2024-11144 was published Dec 16, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows... Critical Unreviewed
CVE-2024-54285 was published Dec 16, 2024
Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows... Critical Unreviewed
CVE-2024-54229 was published Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team... Critical Unreviewed
CVE-2024-43234 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database