GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,415 advisories
Filter by severity
A vulnerability in the storage method of the PON Controller configuration file could allow an...
High
Unreviewed
CVE-2024-20489
was published
Sep 11, 2024
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo...
High
Unreviewed
CVE-2024-47134
was published
Oct 3, 2024
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name:...
High
Unreviewed
CVE-2024-47135
was published
Oct 3, 2024
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC...
High
Unreviewed
CVE-2024-47136
was published
Oct 3, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows...
High
Unreviewed
CVE-2024-7108
was published
Sep 26, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
High
Unreviewed
CVE-2024-8686
was published
Sep 11, 2024
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based...
High
Unreviewed
CVE-2023-3705
was published
Aug 24, 2023
FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via...
High
Unreviewed
CVE-2024-41290
was published
Oct 2, 2024
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a...
High
Unreviewed
CVE-2023-26095
was published
Aug 28, 2023
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service...
High
Unreviewed
CVE-2023-41121
was published
Aug 26, 2023
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High
Unreviewed
CVE-2024-20499
was published
Oct 2, 2024
A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox ...
High
Unreviewed
CVE-2024-28888
was published
Oct 2, 2024
A potential security vulnerability
has been identified in the HP One Agent for certain HP PC...
High
Unreviewed
CVE-2024-8733
was published
Oct 2, 2024
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High
Unreviewed
CVE-2024-20501
was published
Oct 2, 2024
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High
Unreviewed
CVE-2024-20498
was published
Oct 2, 2024
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP...
High
Unreviewed
CVE-2023-41173
was published
Aug 25, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6...
High
Unreviewed
CVE-2023-39289
was published
Aug 26, 2023
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without...
High
Unreviewed
CVE-2023-37249
was published
Aug 25, 2023
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and...
High
Unreviewed
CVE-2023-20578
was published
Aug 13, 2024
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip...
High
Unreviewed
CVE-2024-46080
was published
Oct 1, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip...
High
Unreviewed
CVE-2024-46084
was published
Oct 1, 2024
The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient...
High
Unreviewed
CVE-2024-7315
was published
Oct 2, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W,...
High
Unreviewed
CVE-2024-20393
was published
Oct 2, 2024
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted...
High
Unreviewed
CVE-2024-46626
was published
Oct 2, 2024
ProTip!
Advisories are also available from the
GraphQL API