GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,600 advisories

Filter by severity

Sort by

Least recently updated

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer... Critical Unreviewed

CVE-2024-52533 was published Nov 12, 2024

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-9659 was published Nov 23, 2024

The FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP... Critical Unreviewed

CVE-2024-9511 was published Nov 23, 2024

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-9942 was published Nov 23, 2024

The Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up... Critical Unreviewed

CVE-2024-10961 was published Nov 23, 2024

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon... Critical Unreviewed

CVE-2024-0138 was published Nov 23, 2024

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command... Critical Unreviewed

CVE-2024-52034 was published Nov 23, 2024

The administrative interface listens by default on all interfaces on a TCP port and does not... Critical Unreviewed

CVE-2024-47138 was published Nov 23, 2024

A parameter within a command does not properly validate input within myPRO Manager which could be... Critical Unreviewed

CVE-2024-47407 was published Nov 23, 2024

The web application uses a weak authentication mechanism to verify that a request is coming from... Critical Unreviewed

CVE-2024-45369 was published Nov 23, 2024

H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm... Critical Unreviewed

CVE-2024-52765 was published Nov 20, 2024

HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed

CVE-2024-52677 was published Nov 20, 2024

An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. Critical Unreviewed

CVE-2024-51162 was published Nov 20, 2024

In the getHost() function of UriTest.java, there is the possibility of incorrect web origin... Critical Unreviewed

CVE-2018-9467 was published Nov 20, 2024

An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME... Critical Unreviewed

CVE-2024-28729 was published Nov 13, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed

CVE-2024-8807 was published Nov 22, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed

CVE-2024-8806 was published Nov 22, 2024

Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2023-51644 was published Nov 22, 2024

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This... Critical Unreviewed

CVE-2023-51639 was published Nov 22, 2024

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed

CVE-2023-52333 was published Nov 22, 2024

Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51641 was published Nov 22, 2024

Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows... Critical Unreviewed

CVE-2023-51638 was published Nov 22, 2024

Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51642 was published Nov 22, 2024

Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2024-6246 was published Nov 22, 2024

A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3.... Critical Unreviewed

CVE-2024-38645 was published Nov 22, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,600 advisories