GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,141 advisories
Filter by severity
The health endpoint is public so everybody can see a list of all services. It is potentially...
Critical
Unreviewed
CVE-2024-9798
was published
Oct 10, 2024
The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical
Unreviewed
CVE-2024-9518
was published
Oct 10, 2024
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled)...
Critical
Unreviewed
CVE-2024-45746
was published
Oct 9, 2024
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical
Unreviewed
CVE-2024-9465
was published
Oct 9, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical
Unreviewed
CVE-2024-9463
was published
Oct 9, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated...
Critical
Unreviewed
CVE-2024-9464
was published
Oct 9, 2024
FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114...
Critical
Unreviewed
CVE-2024-25825
was published
Oct 9, 2024
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code...
Critical
Unreviewed
CVE-2024-8015
was published
Oct 9, 2024
An attacker was able to achieve code execution in the content process by exploiting a use-after...
Critical
Unreviewed
CVE-2024-9680
was published
Oct 9, 2024
Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers...
Critical
Unreviewed
CVE-2024-45160
was published
Oct 9, 2024
cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for...
Critical
Unreviewed
CVE-2023-46586
was published
Oct 9, 2024
Microsoft Configuration Manager Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43468
was published
Oct 8, 2024
Windows Netlogon Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-38124
was published
Oct 8, 2024
A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege...
Critical
Unreviewed
CVE-2024-3057
was published
Oct 8, 2024
A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated...
Critical
Unreviewed
CVE-2024-44349
was published
Oct 8, 2024
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that...
Critical
Unreviewed
CVE-2024-8884
was published
Oct 8, 2024
The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-8943
was published
Oct 8, 2024
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL...
Critical
Unreviewed
CVE-2024-8911
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47562
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47553
was published
Oct 8, 2024
A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >=...
Critical
Unreviewed
CVE-2023-52952
was published
Oct 8, 2024
A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only...
Critical
Unreviewed
CVE-2024-41798
was published
Oct 8, 2024
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code ...
Critical
Unreviewed
CVE-2024-45874
was published
Oct 8, 2024
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary...
Critical
Unreviewed
CVE-2024-45873
was published
Oct 8, 2024
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical
Unreviewed
CVE-2024-47967
was published
Oct 7, 2024
ProTip!
Advisories are also available from the
GraphQL API