GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,921

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92,903 advisories

Filter by severity

Sort by

Least recently updated

IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a locally authenticated... High Unreviewed

CVE-2024-49804 was published Nov 29, 2024

Certain models of routers from Billion Electric has an OS Command Injection vulnerability,... High Unreviewed

CVE-2024-11983 was published Nov 29, 2024

Certain models of routers from Billion Electric has a Plaintext Storage of a Password... High Unreviewed

CVE-2024-11982 was published Nov 29, 2024

Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for... High Unreviewed

CVE-2024-11013 was published Nov 29, 2024

A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API.... High Unreviewed

CVE-2024-11481 was published Nov 29, 2024

Certain models of routers from Billion Electric has an Authentication Bypass vulnerability,... High Unreviewed

CVE-2024-11981 was published Nov 29, 2024

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access... High Unreviewed

CVE-2024-48651 was published Nov 29, 2024

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on... High Unreviewed

CVE-2024-54124 was published Nov 29, 2024

Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi... High Unreviewed

CVE-2024-8299 was published Nov 29, 2024

Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10... High Unreviewed

CVE-2024-8300 was published Nov 29, 2024

Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi... High Unreviewed

CVE-2024-9852 was published Nov 29, 2024

DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote... High Unreviewed

CVE-2024-11978 was published Nov 29, 2024

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This... High Unreviewed

CVE-2024-11959 was published Nov 28, 2024

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This... High Unreviewed

CVE-2024-11960 was published Nov 28, 2024

The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder... High Unreviewed

CVE-2024-11969 was published Nov 28, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2024-52481 was published Nov 28, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WP WOX Footer Flyout Widget allows Stored XSS... High Unreviewed

CVE-2024-53732 was published Nov 28, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2024-52495 was published Nov 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-52497 was published Nov 28, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2024-11402 was published Nov 28, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows... High Unreviewed

CVE-2024-11620 was published Nov 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-52496 was published Nov 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-52501 was published Nov 28, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars allows... High Unreviewed

CVE-2024-53736 was published Nov 28, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-52499 was published Nov 28, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

92,903 advisories