GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,923

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92,905 advisories

Filter by severity

Sort by

Least recently updated

Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution... High Unreviewed

CVE-2024-11790 was published Nov 28, 2024

Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution... High Unreviewed

CVE-2024-11793 was published Nov 28, 2024

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow.... High Unreviewed

CVE-2017-13323 was published Nov 28, 2024

In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread... High Unreviewed

CVE-2017-13319 was published Nov 27, 2024

Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to... High Unreviewed

CVE-2024-7025 was published Nov 27, 2024

EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS... High Unreviewed

CVE-2024-31976 was published Nov 27, 2024

Stored Cross-Site Scripting in the Access Request History in Omada Identity before version 15... High Unreviewed

CVE-2024-52951 was published Nov 27, 2024

A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID... High Unreviewed

CVE-2024-53603 was published Nov 27, 2024

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed

CVE-2024-52323 was published Nov 27, 2024

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware... High Unreviewed

CVE-2024-11667 was published Nov 27, 2024

An authenticated user with API access (e.g.: user with default User role), more specifically a... High Unreviewed

CVE-2024-36467 was published Nov 27, 2024

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app... High Unreviewed

CVE-2024-5921 was published Nov 27, 2024

A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed

CVE-2024-53673 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53675 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-53674 was published Nov 27, 2024

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed

CVE-2024-11622 was published Nov 27, 2024

Microsoft Dynamics 365 Sales Spoofing Vulnerability High Unreviewed

CVE-2024-49053 was published Nov 26, 2024

Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed

CVE-2024-49052 was published Nov 26, 2024

A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this... High Unreviewed

CVE-2024-11745 was published Nov 26, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5... High Unreviewed

CVE-2024-8114 was published Nov 26, 2024

An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed

CVE-2024-49035 was published Nov 26, 2024

The Contact Form 7 Email Add on plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed

CVE-2024-10898 was published Nov 26, 2024

TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. High Unreviewed

CVE-2024-53335 was published Nov 26, 2024

A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed

CVE-2024-53555 was published Nov 26, 2024

A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed

CVE-2024-52336 was published Nov 26, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

92,905 advisories