GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,182
Composer 4,094
Erlang 29
GitHub Actions 19
Go 1,920
Maven 5,114
npm 3,648
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 822
Swift 35

Unreviewed advisories

All unreviewed 229,224

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,042 advisories

Filter by severity

Sort by

Least recently updated

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16... Critical Unreviewed

CVE-2023-4008 was published Aug 3, 2023

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed

CVE-2023-5009 was published Sep 19, 2023

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection... Critical Unreviewed

CVE-2024-9441 was published Oct 2, 2024

According to the researcher: "The TLS connections are encrypted against tampering or... Critical Unreviewed

CVE-2024-44097 was published Oct 2, 2024

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed

CVE-2024-20432 was published Oct 2, 2024

FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials. Critical Unreviewed

CVE-2024-45186 was published Oct 2, 2024

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC... Critical Unreviewed

CVE-2024-38812 was published Sep 17, 2024

An unauthenticated remote attacker may use a missing authentication for critical function... Critical Unreviewed

CVE-2024-35293 was published Oct 2, 2024

An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed

CVE-2023-1083 was published Apr 9, 2024

The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low... Critical Unreviewed

CVE-2024-25660 was published Oct 1, 2024

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of... Critical Unreviewed

CVE-2024-9402 was published Oct 1, 2024

A compromised content process could have allowed for the arbitrary loading of cross-origin pages.... Critical Unreviewed

CVE-2024-9392 was published Oct 1, 2024

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This... Critical Unreviewed

CVE-2023-33934 was published Aug 9, 2023

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4... Critical Unreviewed

CVE-2024-42514 was published Oct 1, 2024

Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird... Critical Unreviewed

CVE-2024-9401 was published Oct 1, 2024

The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user... Critical Unreviewed

CVE-2024-43423 was published Sep 25, 2024

An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain... Critical Unreviewed

CVE-2023-36100 was published Sep 1, 2023

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code... Critical Unreviewed

CVE-2024-41276 was published Oct 1, 2024

Installer RCE on settings file write in MyBB before 1.8.22. Critical Unreviewed

CVE-2020-22612 was published Sep 1, 2023

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2024-9265 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed

CVE-2024-9108 was published Oct 1, 2024

The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-9289 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions... Critical Unreviewed

CVE-2024-9106 was published Oct 1, 2024

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate... Critical Unreviewed

CVE-2023-25280 was published Mar 16, 2023

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,042 advisories