GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,384 advisories
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote...
Critical, Unreviewed: CVE-2024-51327 was published Nov 4, 2024

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an...
Critical, Unreviewed: CVE-2024-47406 was published Oct 25, 2024

Fujian Kelixin Communication Command and Dispatch Platform <=7.6.6.4391 is vulnerable to SQL...
Critical, Unreviewed: CVE-2024-45918 was published Oct 8, 2024

Code-projects Simple Stock System 1.0 is vulnerable to SQL Injection.
Critical, Unreviewed: CVE-2024-24095 was published Feb 27, 2024

Vulnerability of improper permission control in the window management module. Impact: Successful...
Critical, Unreviewed: CVE-2024-30415 was published Apr 7, 2024

SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain...
Critical, Unreviewed: CVE-2024-26517 was published May 14, 2024

An authentication issue was addressed with improved state management. This issue is fixed in...
Critical, Unreviewed: CVE-2024-23255 was published Mar 8, 2024

Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical, Unreviewed: CVE-2023-29119 was published Nov 5, 2024

A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700.
Critical, Unreviewed: CVE-2023-29125 was published Nov 5, 2024

Waybox Enel X web management application could be used to execute arbitrary OS commands and...
Critical, Unreviewed: CVE-2023-29120 was published Nov 5, 2024

Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox...
Critical, Unreviewed: CVE-2023-29121 was published Nov 5, 2024

Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical, Unreviewed: CVE-2023-29118 was published Nov 5, 2024

Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical, Unreviewed: CVE-2024-47967 was published Oct 7, 2024

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a...
Critical, Unreviewed: CVE-2024-1676 was published Feb 21, 2024

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,...
Critical, Unreviewed: CVE-2024-20412 was published Oct 23, 2024

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,...
Critical, Unreviewed: CVE-2024-10687 was published Nov 5, 2024

Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password,...
Critical, Unreviewed: CVE-2024-28288 was published Mar 30, 2024

In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)...
Critical, Unreviewed: CVE-2022-31266 was published Jun 30, 2022

Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of...
Critical, Unreviewed: CVE-2024-10467 was published Oct 29, 2024

Potential race conditions in IndexedDB could have caused memory corruption, leading to a...
Critical, Unreviewed: CVE-2024-10468 was published Oct 29, 2024

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability...
Critical, Unreviewed: CVE-2024-7474 was published Oct 29, 2024

This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in...
Critical, Unreviewed: CVE-2024-51561 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder...
Critical, Unreviewed: CVE-2024-50527 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post...
Critical, Unreviewed: CVE-2024-50523 was published Nov 4, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail...
Critical, Unreviewed: CVE-2024-50526 was published Nov 4, 2024
ProTip! Advisories are also available from the GraphQL API.