GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,248
Erlang: 31
GitHub Actions: 21
Go: 2,015
Maven: 5,000+
npm: 3,721
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 852
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
93,033 advisories

IBM Cognos Controller 11.0.0 and 11.0.1 contains hard-coded credentials, such as a...
High | Unreviewed | CVE-2024-41777 was published Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not...
High | Unreviewed | CVE-2024-40691 was published Dec 3, 2024

An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port...
High | Unreviewed | CVE-2024-52547 was published Dec 3, 2024

Open62541 v1.4.6 has an assertion failure in fuzz_binary_decode, which leads to a crash.
High | Unreviewed | CVE-2024-53429 was published Dec 3, 2024

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2024-11391 was published Dec 3, 2024

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is...
High | Unreviewed | CVE-2024-10074 was published Dec 3, 2024

Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key...
High | Unreviewed | CVE-2024-42422 was published Dec 3, 2024

Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of...
High | Unreviewed | CVE-2024-47476 was published Dec 3, 2024

Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in...
High | Unreviewed | CVE-2024-49420 was published Dec 3, 2024

Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1...
High | Unreviewed | CVE-2024-49413 was published Dec 3, 2024

Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to...
High | Unreviewed | CVE-2024-49415 was published Dec 3, 2024

A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in...
High | Unreviewed | CVE-2024-8748 was published Dec 3, 2024

Authentication credentials leakage vulnerability in Hitachi Ops Center Common Services within...
High | Unreviewed | CVE-2024-45068 was published Dec 3, 2024

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic...
High | Unreviewed | CVE-2024-9200 was published Dec 3, 2024

In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input...
High | Unreviewed | CVE-2018-9431 was published Dec 3, 2024

In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a...
High | Unreviewed | CVE-2018-9418 was published Dec 3, 2024

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280,...
High | Unreviewed | CVE-2024-39343 was published Dec 2, 2024

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820,...
High | Unreviewed | CVE-2024-39890 was published Dec 2, 2024

In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of...
High | Unreviewed | CVE-2018-9414 was published Dec 2, 2024

In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to improper input...
High | Unreviewed | CVE-2018-9380 was published Dec 2, 2024

In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to...
High | Unreviewed | CVE-2018-9381 was published Dec 2, 2024

An authenticated arbitrary file upload vulnerability in the component /module_admin/upload.php of...
High | Unreviewed | CVE-2024-53564 was published Dec 2, 2024

Snap One OVRC cloud uses the MAC address as an identifier to provide information when requested....
High | Unreviewed | CVE-2024-50380 was published Dec 2, 2024

A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and...
High | Unreviewed | CVE-2024-50381 was published Dec 2, 2024

Cross-Site Request Forgery (CSRF) vulnerability in CMSaccount Photo Video Store allows Cross-Site...
High | Unreviewed | CVE-2024-53782 was published Dec 2, 2024

ProTip! Advisories are also available from the GraphQL API.