GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

19,966 advisories

Filter by severity

Sort by

Least recently updated

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that... Critical Unreviewed

CVE-2024-8752 was published Sep 16, 2024

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the... Critical Unreviewed

CVE-2024-46958 was published Sep 16, 2024

Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed

CVE-2024-45489 was published Sep 20, 2024

An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the... Critical Unreviewed

CVE-2024-41721 was published Sep 20, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-6401 was published Sep 16, 2024

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org... Critical Unreviewed

CVE-2024-46918 was published Sep 16, 2024

An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties... Critical Unreviewed

CVE-2024-46937 was published Sep 16, 2024

Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure... Critical Unreviewed

CVE-2024-7098 was published Sep 16, 2024

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and... Critical Unreviewed

CVE-2024-24691 was published Feb 14, 2024

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x... Critical Unreviewed

CVE-2024-45523 was published Sep 18, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww... Critical Unreviewed

CVE-2024-7104 was published Sep 16, 2024

Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10... Critical Unreviewed

CVE-2024-33109 was published Sep 19, 2024

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process.... Critical Unreviewed

CVE-2024-9043 was published Sep 20, 2024

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2024-8853 was published Sep 20, 2024

Buffer Overflow vulnerability in btstack mesh commit before v... Critical Unreviewed

CVE-2024-40568 was published Sep 18, 2024

Best House Rental Management System 1.0 contains a SQL injection vulnerability in the... Critical Unreviewed

CVE-2024-46374 was published Sep 18, 2024

Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute... Critical Unreviewed

CVE-2024-43042 was published Aug 16, 2024

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables... Critical Unreviewed

CVE-2024-45159 was published Sep 5, 2024

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This... Critical Unreviewed

CVE-2024-7591 was published Sep 5, 2024

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2024-46377 was published Sep 18, 2024

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed

CVE-2023-0636 was published Jul 6, 2023

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to... Critical Unreviewed

CVE-2024-8963 was published Sep 19, 2024

Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if... Critical Unreviewed

CVE-2024-45861 was published Sep 19, 2024

HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or... Critical Unreviewed

CVE-2023-5365 was published Oct 9, 2023

Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed

CVE-2024-46375 was published Sep 18, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,966 advisories