GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,083
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,644
NuGet: 638
pip: 3,260
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,374 advisories
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi...
High | Unreviewed | CVE-2020-15415 was published May 24, 2022
The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
High | Unreviewed | CVE-2024-8981 was published Oct 1, 2024
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If...
High | Unreviewed | CVE-2024-47560 was published Oct 1, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-9194 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in...
High | Unreviewed | CVE-2024-28809 was published Sep 30, 2024
An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows...
High | Unreviewed | CVE-2024-46549 was published Sep 30, 2024
ESAFENET CDG v5 was discovered to contain a SQL injection vulnerability via the id parameter in...
High | Unreviewed | CVE-2024-46510 was published Sep 30, 2024
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a...
High | Unreviewed | CVE-2024-7675 was published Sep 30, 2024
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force...
High | Unreviewed | CVE-2024-7672 was published Sep 30, 2024
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can...
High | Unreviewed | CVE-2024-7671 was published Sep 30, 2024
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force...
High | Unreviewed | CVE-2024-7673 was published Sep 30, 2024
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force...
High | Unreviewed | CVE-2024-7670 was published Sep 30, 2024
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force...
High | Unreviewed | CVE-2024-7674 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local...
High | Unreviewed | CVE-2024-28812 was published Sep 30, 2024
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may...
High | Unreviewed | CVE-2024-45862 was published Sep 19, 2024
TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm...
High | Unreviewed | CVE-2024-46313 was published Sep 30, 2024
PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service...
High | Unreviewed | CVE-2024-46280 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the ...
High | Unreviewed | CVE-2024-28813 was published Sep 30, 2024
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig...
High | Unreviewed | CVE-2020-35593 was published Sep 5, 2023
An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial...
High | Unreviewed | CVE-2024-42861 was published Sep 23, 2024
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This...
High | Unreviewed | CVE-2024-39432 was published Sep 27, 2024
An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users'...
High | Unreviewed | CVE-2024-46610 was published Sep 25, 2024
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This...
High | Unreviewed | CVE-2024-39431 was published Sep 27, 2024
A stored cross site scripting vulnerability exists in Nessus Network Monitor where an...
High | Unreviewed | CVE-2024-9158 was published Sep 30, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index...
High | Unreviewed | CVE-2024-43842 was published Aug 17, 2024
ProTip! Advisories are also available from the GraphQL API.