GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,238
Erlang: 31
GitHub Actions: 21
Go: 2,005
Maven: 5,000+
npm: 3,716
NuGet: 661
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,636 advisories
A non-admin user account on the Zabbix frontend with the default User role, or with any other...
Critical | Unreviewed | CVE-2024-42327 was published Nov 27, 2024
The HttpRequest object allows to get the HTTP headers from the server's response after sending...
Critical | Unreviewed | CVE-2024-42330 was published Nov 27, 2024
An improper verification of cryptographic signature vulnerability in plugin management in iota C...
Critical | Unreviewed | CVE-2024-52958 was published Nov 27, 2024
An Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in...
Critical | Unreviewed | CVE-2024-52959 was published Nov 27, 2024
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may...
Critical | Unreviewed | CVE-2024-53676 was published Nov 27, 2024
Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker...
Critical | Unreviewed | CVE-2023-34844 was published Jun 29, 2023
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common...
Critical | Unreviewed | CVE-2024-52677 was published Nov 20, 2024
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an...
Critical | Unreviewed | CVE-2024-11145 was published Nov 26, 2024
Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot...
Critical | Unreviewed | CVE-2024-49038 was published Nov 26, 2024
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP...
Critical | Unreviewed | CVE-2019-17082 was published Nov 26, 2024
An attacker was able to achieve code execution in the content process by exploiting a use-after...
Critical | Unreviewed | CVE-2024-9680 was published Oct 9, 2024
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on...
Critical | Unreviewed | CVE-2023-31997 was published Jul 1, 2023
The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows...
Critical | Unreviewed | CVE-2023-36487 was published Jun 29, 2023
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24343. It...
Critical | Unreviewed | CVE-2024-53913 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24344. It...
Critical | Unreviewed | CVE-2024-53914 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24334. It...
Critical | Unreviewed | CVE-2024-53909 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24341. It...
Critical | Unreviewed | CVE-2024-53912 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24339. It...
Critical | Unreviewed | CVE-2024-53911 was published Nov 24, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24405. It...
Critical | Unreviewed | CVE-2024-53915 was published Nov 24, 2024
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm...
Critical | Unreviewed | CVE-2024-52765 was published Nov 20, 2024
An issue was discovered in the server in Veritas Enterprise Vault before 15.2, ZDI-CAN-24336. It...
Critical | Unreviewed | CVE-2024-53910 was published Nov 24, 2024
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Critical | Unreviewed | CVE-2019-16028 was published May 24, 2022
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a...
Critical | Unreviewed | CVE-2024-0039 was published Mar 11, 2024
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation...
Critical | Unreviewed | CVE-2024-11024 was published Nov 26, 2024
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability....
Critical | Unreviewed | CVE-2024-11680 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API.