GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
23,088 advisories
Filter by severity
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive...
Critical
Unreviewed
CVE-2024-47088
was published
Sep 19, 2024
LangChain Experimental Eval Injection vulnerability
Critical
CVE-2024-46946
was published
for
langchain-experimental
(pip)
Sep 19, 2024
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Critical
Unreviewed
CVE-2024-46374
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46376
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46375
was published
Sep 18, 2024
Buffer Overflow vulnerability in btstack mesh commit before v...
Critical
Unreviewed
CVE-2024-40568
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46377
was published
Sep 18, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An...
Critical
Unreviewed
CVE-2024-34399
was published
Sep 18, 2024
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x...
Critical
Unreviewed
CVE-2024-45523
was published
Sep 18, 2024
Chaosblade vulnerable to OS command execution
Critical
CVE-2023-47105
was published
for
github.com/chaosblade-io/chaosblade
(Go)
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-5958
was published
Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-5959
was published
Sep 18, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-6877
was published
Sep 18, 2024
Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain...
Critical
Unreviewed
CVE-2024-5960
was published
Sep 18, 2024
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser...
Critical
Unreviewed
CVE-2024-34026
was published
Sep 18, 2024
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-44542
was published
Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Critical
Unreviewed
CVE-2024-8889
was published
Sep 18, 2024
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1...
Critical
Unreviewed
CVE-2024-8888
was published
Sep 18, 2024
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS)...
Critical
Unreviewed
CVE-2024-8887
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43976
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43978
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-44004
was published
Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical
Unreviewed
CVE-2024-8956
was published
Sep 17, 2024
hermes-management is vulnerable to RCE due to Apache commons-jxpath
Critical
GHSA-2gh6-wc3m-g37f
was published
for
pl.allegro.tech.hermes:hermes-management
(Maven)
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API