GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,255
Erlang: 31
GitHub Actions: 21
Go: 2,021
Maven: 5,000+
npm: 3,728
NuGet: 662
pip: 3,406
Pub: 12
RubyGems: 890
Rust: 862
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,751 advisories
Adobe Document Service allows an attacker with administrator privileges to send a crafted request...
Critical | Unreviewed | CVE-2024-47578 was published Dec 10, 2024

Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack...
Critical | Unreviewed | CVE-2024-37143 was published Dec 10, 2024

Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer...
Critical | Unreviewed | CVE-2022-23086 was published Feb 15, 2024

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and...
Critical | Unreviewed | CVE-2024-27810 was published May 14, 2024

MailCleaner before 28d913e has default values of ssh_host_dsa_key, ssh_host_rsa_key, and...
Critical | Unreviewed | CVE-2024-55560 was published Dec 9, 2024

The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.
Critical | Unreviewed | CVE-2024-55564 was published Dec 9, 2024

Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and...
Critical | Unreviewed | CVE-2023-31241 was published May 22, 2023

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow...
Critical | Unreviewed | CVE-2022-23085 was published Feb 15, 2024

Stack overflow vulnerability in the NFC module. Successful exploitation of this vulnerability may...
Critical | Unreviewed | CVE-2023-52369 was published Feb 18, 2024

Snap One OvrC Pro versions prior to 7.2 have their own locally...
Critical | Unreviewed | CVE-2023-31240 was published May 22, 2023

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog...
Critical | Unreviewed | CVE-2024-51164 was published Nov 15, 2024

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware...
Critical | Unreviewed | CVE-2023-28386 was published May 22, 2023

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc...
Critical | Unreviewed | CVE-2024-54747 was published Dec 6, 2024

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in...
Critical | Unreviewed | CVE-2024-23265 was published Mar 8, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-54215 was published Dec 9, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium...
Critical | Unreviewed | CVE-2024-53822 was published Dec 9, 2024

Missing Authorization vulnerability in Envato Security Team Sweet Date. This issue affects Sweet...
Critical | Unreviewed | CVE-2024-43222 was published Dec 9, 2024

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting...
Critical | Unreviewed | CVE-2023-32117 was published Dec 9, 2024

The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local...
Critical | Unreviewed | CVE-2024-12209 was published Dec 8, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-37863 was published Dec 6, 2024

Vulnerability of incorrect service logic in the WindowManagerServices module. Successful...
Critical | Unreviewed | CVE-2023-52378 was published Feb 18, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous...
Critical | Unreviewed | CVE-2024-52324 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients...
Critical | Unreviewed | CVE-2024-46874 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability...
Critical | Unreviewed | CVE-2024-48874 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical | Unreviewed | CVE-2024-37861 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API.