GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
92,909 advisories
Filter by severity
IBM Security Verify Access Appliance 10.0.0 through 10.0.8
could allow a locally authenticated...
High
Unreviewed
CVE-2024-49804
was published
Nov 29, 2024
Certain models of routers from Billion Electric has an OS Command Injection vulnerability,...
High
Unreviewed
CVE-2024-11983
was published
Nov 29, 2024
Certain models of routers from Billion Electric has an Authentication Bypass vulnerability,...
High
Unreviewed
CVE-2024-11981
was published
Nov 29, 2024
Certain models of routers from Billion Electric has a Plaintext Storage of a Password...
High
Unreviewed
CVE-2024-11982
was published
Nov 29, 2024
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for...
High
Unreviewed
CVE-2024-11013
was published
Nov 29, 2024
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API....
High
Unreviewed
CVE-2024-11481
was published
Nov 29, 2024
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access...
High
Unreviewed
CVE-2024-48651
was published
Nov 29, 2024
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on...
High
Unreviewed
CVE-2024-54124
was published
Nov 29, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote...
High
Unreviewed
CVE-2024-11978
was published
Nov 29, 2024
Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10...
High
Unreviewed
CVE-2024-8300
was published
Nov 29, 2024
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
High
Unreviewed
CVE-2024-8299
was published
Nov 29, 2024
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
High
Unreviewed
CVE-2024-9852
was published
Nov 29, 2024
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This...
High
Unreviewed
CVE-2024-11959
was published
Nov 28, 2024
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This...
High
Unreviewed
CVE-2024-11960
was published
Nov 28, 2024
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder...
High
Unreviewed
CVE-2024-11969
was published
Nov 28, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows...
High
Unreviewed
CVE-2024-11620
was published
Nov 28, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-11402
was published
Nov 28, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-52497
was published
Nov 28, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-52481
was published
Nov 28, 2024
Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local...
High
Unreviewed
CVE-2024-52498
was published
Nov 28, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-52496
was published
Nov 28, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-52495
was published
Nov 28, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-52501
was published
Nov 28, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-52499
was published
Nov 28, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Idealien Studios Idealien Category...
High
Unreviewed
CVE-2024-53734
was published
Nov 28, 2024
ProTip!
Advisories are also available from the
GraphQL API