GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,097
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,247
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,449

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

90,135 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in Envoy. It is possible to modify or manipulate headers from external clients... High Unreviewed

CVE-2024-7207 was published Sep 20, 2024

An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology... High Unreviewed

CVE-2024-40125 was published Sep 19, 2024

A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release... High Unreviewed

CVE-2024-7737 was published Sep 19, 2024

Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed

CVE-2024-38016 was published Sep 19, 2024

logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure... High Unreviewed

CVE-2024-45752 was published Sep 19, 2024

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed

CVE-2024-45862 was published Sep 19, 2024

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry... High Unreviewed

CVE-2024-7736 was published Sep 19, 2024

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add High Unreviewed

CVE-2024-46394 was published Sep 19, 2024

This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the... High Unreviewed

CVE-2024-47089 was published Sep 19, 2024

This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain... High Unreviewed

CVE-2024-47087 was published Sep 19, 2024

This vulnerability exists in LD DP Back Office due to improper implementation of OTP validation... High Unreviewed

CVE-2024-47086 was published Sep 19, 2024

This vulnerability exists in LD DP Back Office due to improper validation of certain parameters ... High Unreviewed

CVE-2024-47085 was published Sep 19, 2024

In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right... High Unreviewed

CVE-2024-37406 was published Sep 19, 2024

Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS... High Unreviewed

CVE-2024-8287 was published Sep 18, 2024

Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size... High Unreviewed

CVE-2024-34057 was published Sep 18, 2024

Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with... High Unreviewed

CVE-2024-44589 was published Sep 18, 2024

Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend. High Unreviewed

CVE-2024-46373 was published Sep 18, 2024

Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in... High Unreviewed

CVE-2023-41610 was published Sep 18, 2024

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed

CVE-2024-46086 was published Sep 18, 2024

Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed

CVE-2023-41612 was published Sep 18, 2024

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed

CVE-2024-39589 was published Sep 18, 2024

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser... High Unreviewed

CVE-2024-36981 was published Sep 18, 2024

Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP... High Unreviewed

CVE-2024-39590 was published Sep 18, 2024

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser... High Unreviewed

CVE-2024-36980 was published Sep 18, 2024

An issue was discovered in Technitium through 11.0.2. It enables attackers to launch... High Unreviewed

CVE-2023-28456 was published Sep 18, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

90,135 advisories