GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,358 advisories
Filter by severity
A stored cross site scripting vulnerability exists in Nessus Network Monitor where an...
High
Unreviewed
CVE-2024-9158
was published
Sep 30, 2024
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within...
High
Unreviewed
CVE-2024-8459
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross...
High
Unreviewed
CVE-2024-8458
was published
Sep 30, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain...
High
Unreviewed
CVE-2024-8455
was published
Sep 30, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
Certain switch models from PLANET Technology have an SSH service that improperly handles...
High
Unreviewed
CVE-2024-8451
was published
Sep 30, 2024
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The...
High
Unreviewed
CVE-2024-6394
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command...
High
Unreviewed
CVE-2024-8448
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1...
High
Unreviewed
CVE-2024-8450
was published
Sep 30, 2024
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This...
High
Unreviewed
CVE-2024-9325
was published
Sep 29, 2024
Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote...
High
Unreviewed
CVE-2024-23959
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow...
High
Unreviewed
CVE-2024-23967
was published
Sep 28, 2024
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-23923
was published
Sep 28, 2024
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-23935
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code...
High
Unreviewed
CVE-2024-23957
was published
Sep 28, 2024
Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution...
High
Unreviewed
CVE-2024-23938
was published
Sep 28, 2024
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote...
High
Unreviewed
CVE-2024-33369
was published
Sep 27, 2024
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could...
High
Unreviewed
CVE-2024-6436
was published
Sep 27, 2024
An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary...
High
Unreviewed
CVE-2024-33368
was published
Sep 27, 2024
Advantech ADAM-5630
has built-in commands that can be executed without authenticating the
user....
High
Unreviewed
CVE-2024-39364
was published
Sep 27, 2024
mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises...
High
Unreviewed
CVE-2024-6983
was published
Sep 27, 2024
Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a
session...
High
Unreviewed
CVE-2024-39275
was published
Sep 27, 2024
A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical....
High
Unreviewed
CVE-2024-9284
was published
Sep 27, 2024
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an...
High
Unreviewed
CVE-2024-28948
was published
Sep 27, 2024
A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote...
High
Unreviewed
CVE-2024-46366
was published
Sep 27, 2024
ProTip!
Advisories are also available from the
GraphQL API