GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,261
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,729
NuGet
662
pip
3,407
Pub
12
RubyGems
890
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,755 advisories
Filter by severity
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41647
was published
Dec 7, 2024
A SQL Injection vulnerability was found in the /teacher_signup.php of kashipara E-learning...
Critical
Unreviewed
CVE-2024-54920
was published
Dec 9, 2024
MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using...
Critical
Unreviewed
CVE-2024-12286
was published
Dec 10, 2024
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP...
Critical
Unreviewed
CVE-2024-55547
was published
Dec 10, 2024
Adobe Document Service allows an attacker with administrator privileges to send a crafted request...
Critical
Unreviewed
CVE-2024-47578
was published
Dec 10, 2024
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack...
Critical
Unreviewed
CVE-2024-37143
was published
Dec 10, 2024
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer...
Critical
Unreviewed
CVE-2022-23086
was published
Feb 15, 2024
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and...
Critical
Unreviewed
CVE-2024-27810
was published
May 14, 2024
MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and...
Critical
Unreviewed
CVE-2024-55560
was published
Dec 9, 2024
The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.
Critical
Unreviewed
CVE-2024-55564
was published
Dec 9, 2024
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and...
Critical
Unreviewed
CVE-2023-31241
was published
May 22, 2023
A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow...
Critical
Unreviewed
CVE-2022-23085
was published
Feb 15, 2024
Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may...
Critical
Unreviewed
CVE-2023-52369
was published
Feb 18, 2024
Snap One OvrC Pro versions prior to 7.2 have their own locally...
Critical
Unreviewed
CVE-2023-31240
was published
May 22, 2023
Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog...
Critical
Unreviewed
CVE-2024-51164
was published
Nov 15, 2024
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware...
Critical
Unreviewed
CVE-2023-28386
was published
May 22, 2023
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-54747
was published
Dec 6, 2024
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in...
Critical
Unreviewed
CVE-2024-23265
was published
Mar 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-54215
was published
Dec 9, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium...
Critical
Unreviewed
CVE-2024-53822
was published
Dec 9, 2024
Missing Authorization vulnerability in Envato Security Team Sweet Date.This issue affects Sweet...
Critical
Unreviewed
CVE-2024-43222
was published
Dec 9, 2024
Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting...
Critical
Unreviewed
CVE-2023-32117
was published
Dec 9, 2024
The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local...
Critical
Unreviewed
CVE-2024-12209
was published
Dec 8, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-37863
was published
Dec 6, 2024
Vulnerability of incorrect service logic in the WindowManagerServices module.Successful...
Critical
Unreviewed
CVE-2023-52378
was published
Feb 18, 2024
ProTip!
Advisories are also available from the
GraphQL API