GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,253
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,725
NuGet: 662
pip: 3,402
Pub: 12
RubyGems: 890
Rust: 861
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,740 advisories
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-37863 was published Dec 6, 2024
Vulnerability of incorrect service logic in the WindowManagerServices module. Successful...
Critical
Unreviewed
CVE-2023-52378 was published Feb 18, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients...
Critical
Unreviewed
CVE-2024-46874 was published Dec 6, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous...
Critical
Unreviewed
CVE-2024-52324 was published Dec 6, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability...
Critical
Unreviewed
CVE-2024-48874 was published Dec 6, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-38920 was published Dec 6, 2024
Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to...
Critical
Unreviewed
CVE-2024-37861 was published Dec 6, 2024
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability....
Critical
Unreviewed
CVE-2024-11680 was published Nov 26, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb...
Critical
Unreviewed
CVE-2024-51378 was published Oct 30, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for...
Critical
Unreviewed
CVE-2024-47547 was published Dec 6, 2024
The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker...
Critical
Unreviewed
CVE-2024-48871 was published Dec 6, 2024
The affected product is vulnerable to a command injection. An unauthenticated attacker could send...
Critical
Unreviewed
CVE-2024-52320 was published Dec 6, 2024
A SQL injection vulnerability has been reported to affect several QNAP operating system versions....
Critical
Unreviewed
CVE-2024-50387 was published Dec 6, 2024
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If...
Critical
Unreviewed
CVE-2024-50388 was published Dec 6, 2024
Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow...
Critical
Unreviewed
CVE-2024-54750 was published Dec 6, 2024
A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the...
Critical
Unreviewed
CVE-2024-50389 was published Dec 6, 2024
The go command may execute arbitrary code at build time when using cgo. This may occur when...
Critical
Unreviewed
CVE-2023-29405 was published Jun 8, 2023
Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing...
Critical
Unreviewed
CVE-2024-53810 was published Dec 6, 2024
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The...
Critical
Unreviewed
CVE-2024-52335 was published Dec 6, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a...
Critical
Unreviewed
CVE-2024-54214 was published Dec 6, 2024
The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of...
Critical
Unreviewed
CVE-2024-10773 was published Dec 6, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-51615 was published Dec 6, 2024
Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro...
Critical
Unreviewed
CVE-2024-51815 was published Dec 6, 2024
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer...
Critical
Unreviewed
CVE-2024-52533 was published Nov 12, 2024
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that...
Critical
Unreviewed
CVE-2024-12155 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API.