GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,322
Composer 4,131
Erlang 29
GitHub Actions 19
Go 1,936
Maven 5,131
npm 3,676
NuGet 642
pip 3,292
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,502

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,141 advisories

Filter by severity

Sort by

Least recently updated

The health endpoint is public so everybody can see a list of all services. It is potentially... Critical Unreviewed

CVE-2024-9798 was published Oct 10, 2024

The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2024-9518 was published Oct 10, 2024

An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled)... Critical Unreviewed

CVE-2024-45746 was published Oct 9, 2024

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Critical Unreviewed

CVE-2024-9465 was published Oct 9, 2024

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Critical Unreviewed

CVE-2024-9463 was published Oct 9, 2024

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated... Critical Unreviewed

CVE-2024-9464 was published Oct 9, 2024

FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114... Critical Unreviewed

CVE-2024-25825 was published Oct 9, 2024

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code... Critical Unreviewed

CVE-2024-8015 was published Oct 9, 2024

An attacker was able to achieve code execution in the content process by exploiting a use-after... Critical Unreviewed

CVE-2024-9680 was published Oct 9, 2024

Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers... Critical Unreviewed

CVE-2024-45160 was published Oct 9, 2024

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for... Critical Unreviewed

CVE-2023-46586 was published Oct 9, 2024

Microsoft Configuration Manager Remote Code Execution Vulnerability Critical Unreviewed

CVE-2024-43468 was published Oct 8, 2024

Windows Netlogon Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2024-38124 was published Oct 8, 2024

A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege... Critical Unreviewed

CVE-2024-3057 was published Oct 8, 2024

A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated... Critical Unreviewed

CVE-2024-44349 was published Oct 8, 2024

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Critical Unreviewed

CVE-2024-8884 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-8943 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL... Critical Unreviewed

CVE-2024-8911 was published Oct 8, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47562 was published Oct 8, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47553 was published Oct 8, 2024

A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >=... Critical Unreviewed

CVE-2023-52952 was published Oct 8, 2024

A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only... Critical Unreviewed

CVE-2024-41798 was published Oct 8, 2024

A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code ... Critical Unreviewed

CVE-2024-45874 was published Oct 8, 2024

A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary... Critical Unreviewed

CVE-2024-45873 was published Oct 8, 2024

Improper resource initialization handling in firmware of some Solidigm DC Products may allow an... Critical Unreviewed

CVE-2024-47967 was published Oct 7, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,141 advisories