GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
92,896 advisories
IrfanView SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2024-11509 was published Nov 22, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a locally authenticated...
High | Unreviewed | CVE-2024-49804 was published Nov 29, 2024
there is a possible way to bypass due to a logic error in the code. This could lead to local...
High | Unreviewed | CVE-2024-29748 was published Apr 5, 2024
Input verification vulnerability in the log module. Impact: Successful exploitation of this...
High | Unreviewed | CVE-2024-27896 was published Apr 8, 2024
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access...
High | Unreviewed | CVE-2024-48651 was published Nov 29, 2024
By flooding the target resolver with queries exploiting this flaw an attacker can significantly...
High | Unreviewed | CVE-2022-2795 was published Sep 22, 2022
Certain models of routers from Billion Electric has a Plaintext Storage of a Password...
High | Unreviewed | CVE-2024-11982 was published Nov 29, 2024
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API....
High | Unreviewed | CVE-2024-11481 was published Nov 29, 2024
Certain models of routers from Billion Electric has an Authentication Bypass vulnerability,...
High | Unreviewed | CVE-2024-11981 was published Nov 29, 2024
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for...
High | Unreviewed | CVE-2024-11013 was published Nov 29, 2024
libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string....
High | Unreviewed | CVE-2024-6197 was published Jul 24, 2024
Certain models of routers from Billion Electric has an OS Command Injection vulnerability,...
High | Unreviewed | CVE-2024-11983 was published Nov 29, 2024
Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts....
High | Unreviewed | CVE-2023-24539 was published May 11, 2023
Calling any of the Parse functions on Go source code which contains //line directives with very...
High | Unreviewed | CVE-2023-24537 was published Apr 6, 2023
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.
High | Unreviewed | CVE-2023-2610 was published May 10, 2023
Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet...
High | Unreviewed | CVE-2024-47257 was published Nov 26, 2024
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D...
High | Unreviewed | CVE-2024-52336 was published Nov 26, 2024
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
High | Unreviewed | CVE-2024-8299 was published Nov 29, 2024
Dead Code vulnerability in ICONICS GENESIS64 Version 10.97.2, 10.97.2 CFR1, 10.97.2 CRF2 and 10...
High | Unreviewed | CVE-2024-8300 was published Nov 29, 2024
Uncontrolled Search Path Element vulnerability in ICONICS GENESIS64 all versions, Mitsubishi...
High | Unreviewed | CVE-2024-9852 was published Nov 29, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote...
High | Unreviewed | CVE-2024-11978 was published Nov 29, 2024
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This...
High | Unreviewed | CVE-2024-11960 was published Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File...
High | Unreviewed | CVE-2024-9669 was published Nov 28, 2024
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2024-8066 was published Nov 28, 2024
Mattermost versions 10.0.x <= 10.0.1, 10.1.x <= 10.1.1, 9.11.x <= 9.11.3, 9.5.x <= 9.5.11 fail to...
High | Unreviewed | CVE-2024-11599 was published Nov 28, 2024
ProTip! Advisories are also available from the GraphQL API.