GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
23,727 advisories
A missing authentication for critical function vulnerability has been reported to affect Notes...
Critical | Unreviewed | CVE-2024-38643 was published Nov 22, 2024

An OS command injection vulnerability has been reported to affect several product versions. If...
Critical | Unreviewed | CVE-2024-48860 was published Nov 22, 2024

Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows...
Critical | Unreviewed | CVE-2023-51638 was published Nov 22, 2024

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This...
Critical | Unreviewed | CVE-2023-51639 was published Nov 22, 2024

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function...
Critical | Unreviewed | CVE-2024-51151 was published Nov 22, 2024

IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote...
Critical | Unreviewed | CVE-2024-41779 was published Nov 22, 2024

Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager...
Critical | Unreviewed | CVE-2024-52052 was published Nov 22, 2024

H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm...
Critical | Unreviewed | CVE-2024-52765 was published Nov 20, 2024

HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common...
Critical | Unreviewed | CVE-2024-52677 was published Nov 20, 2024

An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software...
Critical | Unreviewed | CVE-2024-48984 was published Nov 20, 2024

An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
Critical | Unreviewed | CVE-2024-51162 was published Nov 20, 2024

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out...
Critical | Unreviewed | CVE-2018-9478 was published Nov 20, 2024

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out...
Critical | Unreviewed | CVE-2018-9479 was published Nov 20, 2024

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to...
Critical | Unreviewed | CVE-2018-9471 was published Nov 20, 2024

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical | Unreviewed | CVE-2024-9478 was published Nov 20, 2024

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical | Unreviewed | CVE-2024-9479 was published Nov 20, 2024

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of...
Critical | Unreviewed | CVE-2024-10094 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object...
Critical | Unreviewed | CVE-2024-52439 was published Nov 20, 2024

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
Critical | Unreviewed | CVE-2024-52441 was published Nov 20, 2024

Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation...
Critical | Unreviewed | CVE-2024-52442 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout...
Critical | Unreviewed | CVE-2024-52440 was published Nov 20, 2024

Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object...
Critical | Unreviewed | CVE-2024-52443 was published Nov 20, 2024

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11...
Critical | Unreviewed | CVE-2024-10127 was published Nov 20, 2024

In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...
Critical | Unreviewed | CVE-2018-9467 was published Nov 20, 2024

Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ...
Critical | Unreviewed | CVE-2024-52714 was published Nov 19, 2024

ProTip! Advisories are also available from the GraphQL API