GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,384 advisories

Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical | Unreviewed | CVE-2023-29118 was published Nov 5, 2024

Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical | Unreviewed | CVE-2023-29119 was published Nov 5, 2024

A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700.
Critical | Unreviewed | CVE-2023-29125 was published Nov 5, 2024

Waybox Enel X web management application could be used to execute arbitrary OS commands and...
Critical | Unreviewed | CVE-2023-29120 was published Nov 5, 2024

Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox...
Critical | Unreviewed | CVE-2023-29121 was published Nov 5, 2024

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,...
Critical | Unreviewed | CVE-2024-10687 was published Nov 5, 2024

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote...
Critical | Unreviewed | CVE-2024-51327 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail...
Critical | Unreviewed | CVE-2024-50526 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software...
Critical | Unreviewed | CVE-2024-50529 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce...
Critical | Unreviewed | CVE-2024-50525 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in David F. Carr RSVPMaker for...
Critical | Unreviewed | CVE-2024-50531 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP...
Critical | Unreviewed | CVE-2024-50530 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder...
Critical | Unreviewed | CVE-2024-50527 was published Nov 4, 2024

This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed...
Critical | Unreviewed | CVE-2024-51558 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post...
Critical | Unreviewed | CVE-2024-50523 was published Nov 4, 2024

This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in...
Critical | Unreviewed | CVE-2024-51561 was published Nov 4, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics...
Critical | Unreviewed | CVE-2024-10035 was published Nov 4, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2024-51661 was published Nov 4, 2024

A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary...
Critical | Unreviewed | CVE-2024-7456 was published Nov 1, 2024

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in...
Critical | Unreviewed | CVE-2024-10653 was published Nov 1, 2024

Stack-based buffer overflow vulnerability exists in multiple Ricoh laser printers and MFPs which...
Critical | Unreviewed | CVE-2024-47939 was published Nov 1, 2024

Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path...
Critical | Unreviewed | CVE-2024-39332 was published Oct 31, 2024

Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction...
Critical | Unreviewed | CVE-2023-52044 was published Oct 31, 2024

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher...
Critical | Unreviewed | CVE-2024-51063 was published Oct 31, 2024

Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index...
Critical | Unreviewed | CVE-2024-51065 was published Oct 31, 2024

ProTip! Advisories are also available from the GraphQL API