Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,322
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

19 advisories

Loading
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub... High Unreviewed
CVE-2023-0302 was published Jan 15, 2023
A vulnerability has been identified in Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo... Critical Unreviewed
CVE-2022-24039 was published May 11, 2022
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET... High Unreviewed
CVE-2023-27533 was published Mar 30, 2023
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST... Critical Unreviewed
CVE-2024-39243 was published Jun 26, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36997 was published Jul 1, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36983 was published Jul 1, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed
CVE-2024-23268 was published Mar 8, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed
CVE-2024-23274 was published Mar 8, 2024
An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an... High Unreviewed
CVE-2024-24257 was published Jul 26, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE)... High Unreviewed
CVE-2024-31809 was published Apr 8, 2024
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without... Moderate Unreviewed
CVE-2024-31812 was published Apr 8, 2024
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform... High Unreviewed
CVE-2024-37570 was published Jun 9, 2024
** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows... High Unreviewed
CVE-2022-48217 was published Jan 4, 2023
A remote code execution vulnerability has been identified in the User Defined Tags module of CMS... High Unreviewed
CVE-2024-27622 was published Mar 5, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39227 was published Aug 6, 2024
A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in... High Unreviewed
CVE-2024-0801 was published Mar 13, 2024
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ... Moderate Unreviewed
CVE-2024-37779 was published Sep 23, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to HTML Injection in all versions... Moderate Unreviewed
CVE-2024-9940 was published Oct 17, 2024
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification... Moderate Unreviewed
CVE-2024-7472 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database