GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,042 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43978
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43976
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-44004
was published
Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical
Unreviewed
CVE-2024-8956
was published
Sep 17, 2024
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC...
Critical
Unreviewed
CVE-2024-38812
was published
Sep 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),...
Critical
Unreviewed
CVE-2024-7873
was published
Sep 17, 2024
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The...
Critical
Unreviewed
CVE-2024-8767
was published
Sep 17, 2024
This issue was addressed with improved validation of file attributes. This issue is fixed in...
Critical
Unreviewed
CVE-2024-44148
was published
Sep 17, 2024
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15....
Critical
Unreviewed
CVE-2024-44146
was published
Sep 17, 2024
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in...
Critical
Unreviewed
CVE-2024-45415
was published
Sep 16, 2024
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in...
Critical
Unreviewed
CVE-2024-45414
was published
Sep 16, 2024
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that...
Critical
Unreviewed
CVE-2024-8752
was published
Sep 16, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww...
Critical
Unreviewed
CVE-2024-7104
was published
Sep 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-6401
was published
Sep 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure...
Critical
Unreviewed
CVE-2024-7098
was published
Sep 16, 2024
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer...
Critical
Unreviewed
CVE-2024-45694
was published
Sep 16, 2024
Certain models of D-Link wireless routers have a hidden functionality where the telnet service is...
Critical
Unreviewed
CVE-2024-45697
was published
Sep 16, 2024
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer...
Critical
Unreviewed
CVE-2024-45695
was published
Sep 16, 2024
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg...
Critical
Unreviewed
CVE-2024-46419
was published
Sep 16, 2024
TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the...
Critical
Unreviewed
CVE-2024-46451
was published
Sep 16, 2024
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties...
Critical
Unreviewed
CVE-2024-46937
was published
Sep 16, 2024
app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org...
Critical
Unreviewed
CVE-2024-46918
was published
Sep 16, 2024
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the...
Critical
Unreviewed
CVE-2024-46958
was published
Sep 16, 2024
Improper permission configurationDomain configuration vulnerability of the mobile application ...
Critical
Unreviewed
CVE-2024-8039
was published
Sep 16, 2024
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-8669
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API