GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,932

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,355 advisories

Filter by severity

Sort by

Least recently updated

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling... Critical Unreviewed

CVE-2024-45321 was published Aug 27, 2024

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed

CVE-2024-7656 was published Aug 24, 2024

An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1... High Unreviewed

CVE-2024-42845 was published Aug 23, 2024

An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-42756 was published Aug 23, 2024

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below... High Unreviewed

CVE-2024-5466 was published Aug 23, 2024

The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2024-7559 was published Aug 23, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... High Unreviewed

CVE-2024-42599 was published Aug 22, 2024

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and... Critical Unreviewed

CVE-2024-6386 was published Aug 21, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... Moderate Unreviewed

CVE-2024-42598 was published Aug 20, 2024

A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue... Moderate Unreviewed

CVE-2024-7899 was published Aug 17, 2024

A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15... Critical Unreviewed

CVE-2024-42634 was published Aug 16, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command... High Unreviewed

CVE-2024-42739 was published Aug 13, 2024

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to... Critical Unreviewed

CVE-2024-41623 was published Aug 13, 2024

A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML... Critical Unreviewed

CVE-2024-37287 was published Aug 13, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in WC Product Table... Moderate Unreviewed

CVE-2024-43128 was published Aug 13, 2024

The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-7094 was published Aug 13, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command... High Unreviewed

CVE-2024-42745 was published Aug 12, 2024

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-41651 was published Aug 12, 2024

A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote... High Unreviewed

CVE-2024-5651 was published Aug 12, 2024

A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live... High Unreviewed

CVE-2024-40487 was published Aug 12, 2024

Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due... Low Unreviewed

CVE-2024-22123 was published Aug 12, 2024

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability... Moderate Unreviewed

CVE-2023-50810 was published Aug 12, 2024

An administrator with restricted permissions can exploit the script execution functionality... Critical Unreviewed

CVE-2024-22116 was published Aug 12, 2024

Improper validation in a model specific register (MSR) could allow a malicious program with ring0... High Unreviewed

CVE-2023-31315 was published Aug 12, 2024

Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0... High Unreviewed

CVE-2023-33206 was published Aug 8, 2024

Previous 1 2 … 5 6 7 8 9 … 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,355 advisories