GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,251
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,725
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 861
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,719 advisories
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions...
Critical | Unreviewed | CVE-2024-40744 was published Dec 4, 2024

Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on...
Critical | Unreviewed | CVE-2024-6298 was published Jul 5, 2024

Default Credential vulnerabilities in ASPECT on Linux allows access to the product using publicly...
Critical | Unreviewed | CVE-2024-51551 was published Dec 5, 2024

Username Enumeration vulnerabilities allow access to application level username add, delete,...
Critical | Unreviewed | CVE-2024-51545 was published Dec 5, 2024

Default Credential vulnerabilities allows access to an Aspect device using publicly available...
Critical | Unreviewed | CVE-2024-51555 was published Dec 5, 2024

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources....
Critical | Unreviewed | CVE-2024-51549 was published Dec 5, 2024

Session Fixation vulnerabilities allow an attacker to fix a user's session identifier before login...
Critical | Unreviewed | CVE-2024-11317 was published Dec 5, 2024

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized...
Critical | Unreviewed | CVE-2024-51550 was published Dec 5, 2024

Improper Input Validation vulnerability allows Remote Code Execution. Affected products: ABB...
Critical | Unreviewed | CVE-2024-48839 was published Dec 5, 2024

Cross Site Scripting vulnerabilities were found providing a potential for malicious scripts to...
Critical | Unreviewed | CVE-2024-6516 was published Dec 5, 2024

Unauthorized Access vulnerabilities allow Remote Code Execution. Affected products: ABB ASPECT...
Critical | Unreviewed | CVE-2024-48840 was published Dec 5, 2024

Weak Password Reset Rules vulnerabilities were found providing a potential for the storage of...
Critical | Unreviewed | CVE-2024-48845 was published Dec 5, 2024

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <...
Critical | Unreviewed | CVE-2024-6209 was published Jul 5, 2024

In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root...
Critical | Unreviewed | CVE-2018-9416 was published Dec 5, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-54221 was published Dec 5, 2024

IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels...
Critical | Unreviewed | CVE-2024-10905 was published Dec 2, 2024

nodemcu before v3.0.0-release_20240225 was discovered to contain an integer overflow via the...
Critical | Unreviewed | CVE-2024-36671 was published Nov 29, 2024

Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an...
Critical | Unreviewed | CVE-2024-48406 was published Nov 29, 2024

qiwen-file v1.4.0 was discovered to contain a SQL injection vulnerability via the component ...
Critical | Unreviewed | CVE-2024-50942 was published Nov 26, 2024

An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows...
Critical | Unreviewed | CVE-2024-51366 was published Nov 21, 2024

An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows...
Critical | Unreviewed | CVE-2024-51365 was published Nov 21, 2024

readline.sh in socat through 1.8.0.1 relies on the /tmp/$USER/stderr2 file.
Critical | Unreviewed | CVE-2024-54661 was published Dec 4, 2024

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required...
Critical | Unreviewed | CVE-2024-11703 was published Nov 26, 2024

Infinix devices contain a pre-loaded "com.transsion.agingfunction" application, that exposes an...
Critical | Unreviewed | CVE-2024-10576 was published Dec 4, 2024

An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port...
Critical | Unreviewed | CVE-2024-52544 was published Dec 3, 2024
ProTip! Advisories are also available from the GraphQL API.