GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
235,885 advisories
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023...
Moderate
Unreviewed
CVE-2023-41266 was published Aug 30, 2023
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE:...
Low
Unreviewed
CVE-2023-46051 was published Mar 27, 2024
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID...
Critical
Unreviewed
CVE-2024-53604 was published Nov 27, 2024
Input verification vulnerability in the log module. Impact: Successful exploitation of this...
High
Unreviewed
CVE-2024-27896 was published Apr 8, 2024
The Photo Gallery by 10Web WordPress plugin before 1.8.31 does not sanitise and escape some of...
Moderate
Unreviewed
CVE-2024-10704 was published Nov 29, 2024
pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that...
Moderate
Unreviewed
CVE-2024-39162 was published Nov 29, 2024
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access...
High
Unreviewed
CVE-2024-48651 was published Nov 29, 2024
Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could...
Critical
Unreviewed
CVE-2024-11992 was published Nov 29, 2024
nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the...
Unknown
Unreviewed
CVE-2024-36671 was published Nov 29, 2024
A Cross-Site Scripting (XSS) vulnerability in SurgeMail v78c2 could allow an attacker to execute...
Moderate
Unreviewed
CVE-2024-11990 was published Nov 29, 2024
Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an...
Unknown
Unreviewed
CVE-2024-48406 was published Nov 29, 2024
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and...
Moderate
Unreviewed
CVE-2024-10980 was published Nov 29, 2024
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package...
Critical
Unreviewed
CVE-2024-52338 was published Nov 28, 2024
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server...
Critical
Unreviewed
CVE-2023-42793 was published Sep 19, 2023
The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura...
Critical
Unreviewed
CVE-2023-41993 was published Sep 21, 2023
By flooding the target resolver with queries exploiting this flaw an attacker can significantly...
High
Unreviewed
CVE-2022-2795 was published Sep 22, 2022
Certain models of routers from Billion Electric have a Plaintext Storage of a Password...
High
Unreviewed
CVE-2024-11982 was published Nov 29, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p22, <2...
Moderate
Unreviewed
CVE-2024-47094 was published Nov 29, 2024
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are...
Critical
Unreviewed
CVE-2024-50357 was published Nov 29, 2024
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API....
High
Unreviewed
CVE-2024-11481 was published Nov 29, 2024
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and...
Critical
Unreviewed
CVE-2024-11482 was published Nov 29, 2024
An XML External Entity (XXE) vulnerability has been identified in Easy Tax Client Software 2023 1...
Moderate
Unreviewed
CVE-2024-9044 was published Nov 29, 2024
Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to...
Moderate
Unreviewed
CVE-2024-11014 was published Nov 29, 2024
Certain models of routers from Billion Electric have an Authentication Bypass vulnerability,...
High
Unreviewed
CVE-2024-11981 was published Nov 29, 2024
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for...
High
Unreviewed
CVE-2024-11013 was published Nov 29, 2024
ProTip! Advisories are also available from the GraphQL API.