GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,143
Composer 4,083
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,108
npm 3,644
NuGet 638
pip 3,260
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,072

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,901 advisories

Filter by severity

Sort by

Least recently updated

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds... Moderate Unreviewed

CVE-2024-0116 was published Oct 1, 2024

All versions of the package git-shallow-clone are vulnerable to Command injection due to missing... Moderate Unreviewed

CVE-2024-21531 was published Oct 1, 2024

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain... Moderate Unreviewed

CVE-2024-8445 was published Sep 5, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2024-47396 was published Oct 1, 2024

A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected... Moderate Unreviewed

CVE-2024-9358 was published Oct 1, 2024

A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been... Moderate Unreviewed

CVE-2024-9360 was published Oct 1, 2024

A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as... Moderate Unreviewed

CVE-2024-9359 was published Oct 1, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed

CVE-2024-28807 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed

CVE-2024-28810 was published Sep 30, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed

CVE-2024-45073 was published Oct 1, 2024

The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid... Moderate Unreviewed

CVE-2024-3635 was published Sep 30, 2024

TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates,... Moderate Unreviewed

CVE-2024-46548 was published Sep 30, 2024

A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before... Moderate Unreviewed

CVE-2024-46540 was published Sep 30, 2024

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is... Moderate Unreviewed

CVE-2024-44170 was published Sep 17, 2024

The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions... Moderate Unreviewed

CVE-2024-6544 was published Sep 13, 2024

A Stored Cross-Site Scripting (XSS) vulnerability in Solvait 24.4.2 allows remote attackers to... Moderate Unreviewed

CVE-2024-45920 was published Sep 30, 2024

The vulnerability allows an attacker to craft MQTT messages that include relative path traversal... Moderate Unreviewed

CVE-2024-6786 was published Sep 21, 2024

Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb. Moderate Unreviewed

CVE-2024-45993 was published Sep 30, 2024

In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows... Moderate Unreviewed

CVE-2024-45200 was published Sep 30, 2024

A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard... Moderate Unreviewed

CVE-2024-46475 was published Sep 30, 2024

In drm service, there is a possible out of bounds write due to a missing bounds check. This could... Moderate Unreviewed

CVE-2024-39433 was published Sep 27, 2024

An improper privilege management vulnerability allowed arbitrary workflows to be committed using... Moderate Unreviewed

CVE-2024-8263 was published Sep 23, 2024

In drm service, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed

CVE-2024-39434 was published Sep 27, 2024

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for... Moderate Unreviewed

CVE-2024-3165 was published Apr 2, 2024

An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to... Moderate Unreviewed

CVE-2024-43025 was published Sep 18, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

104,901 advisories