GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,182
Composer 4,094
Erlang 29
GitHub Actions 19
Go 1,920
Maven 5,114
npm 3,648
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 822
Swift 35

Unreviewed advisories

All unreviewed 229,224

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,042 advisories

Filter by severity

Sort by

Least recently updated

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection... Critical Unreviewed

CVE-2024-9441 was published Oct 2, 2024

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed

CVE-2024-20432 was published Oct 2, 2024

According to the researcher: "The TLS connections are encrypted against tampering or... Critical Unreviewed

CVE-2024-44097 was published Oct 2, 2024

An unauthenticated remote attacker may use a missing authentication for critical function... Critical Unreviewed

CVE-2024-35293 was published Oct 2, 2024

FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials. Critical Unreviewed

CVE-2024-45186 was published Oct 2, 2024

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4... Critical Unreviewed

CVE-2024-42514 was published Oct 1, 2024

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of... Critical Unreviewed

CVE-2024-9402 was published Oct 1, 2024

Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird... Critical Unreviewed

CVE-2024-9401 was published Oct 1, 2024

The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low... Critical Unreviewed

CVE-2024-25660 was published Oct 1, 2024

A compromised content process could have allowed for the arbitrary loading of cross-origin pages.... Critical Unreviewed

CVE-2024-9392 was published Oct 1, 2024

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code... Critical Unreviewed

CVE-2024-41276 was published Oct 1, 2024

The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-9289 was published Oct 1, 2024

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2024-9265 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-9108 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions... Critical Unreviewed

CVE-2024-9106 was published Oct 1, 2024

An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web... Critical Unreviewed

CVE-2024-42017 was published Sep 30, 2024

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control.... Critical Unreviewed

CVE-2024-46293 was published Sep 30, 2024

Certain switch models from PLANET Technology lack proper access control in firmware upload and... Critical Unreviewed

CVE-2024-8456 was published Sep 30, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP... Critical Unreviewed

CVE-2024-8353 was published Sep 28, 2024

OPW Fuel Management Systems SiteSentinel could allow an attacker to bypass authentication to the... Critical Unreviewed

CVE-2024-8310 was published Sep 27, 2024

OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform... Critical Unreviewed

CVE-2024-6981 was published Sep 27, 2024

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete... Critical Unreviewed

CVE-2024-8630 was published Sep 27, 2024

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western... Critical Unreviewed

CVE-2024-22170 was published Sep 27, 2024

A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote... Critical Unreviewed

CVE-2024-46367 was published Sep 27, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,042 advisories