Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92,831 advisories

Loading
A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware... High Unreviewed
CVE-2024-11667 was published Nov 27, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
An authenticated user with API access (e.g.: user with default User role), more specifically a... High Unreviewed
CVE-2024-36467 was published Nov 27, 2024
An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app... High Unreviewed
CVE-2024-5921 was published Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed
CVE-2024-53674 was published Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed
CVE-2024-53675 was published Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed
CVE-2024-11622 was published Nov 27, 2024
A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed
CVE-2024-53673 was published Nov 27, 2024
Microsoft Dynamics 365 Sales Spoofing Vulnerability High Unreviewed
CVE-2024-49053 was published Nov 26, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed
CVE-2024-49052 was published Nov 26, 2024
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this... High Unreviewed
CVE-2024-11745 was published Nov 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5... High Unreviewed
CVE-2024-8114 was published Nov 26, 2024
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
The Contact Form 7 Email Add on plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-10898 was published Nov 26, 2024
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. High Unreviewed
CVE-2024-53335 was published Nov 26, 2024
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53555 was published Nov 26, 2024
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed
CVE-2024-52336 was published Nov 26, 2024
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2024-9461 was published Nov 26, 2024
QSEE will randomly experience a fatal error during execution due to speculative instruction... High Unreviewed
CVE-2016-10408 was published Nov 26, 2024
Crafted Binder Request Causes Heap UAF in MediaServer High Unreviewed
CVE-2018-11816 was published Nov 26, 2024
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while... High Unreviewed
CVE-2018-5852 was published Nov 26, 2024
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
Information disclosure possible while audio playback. High Unreviewed
CVE-2017-18307 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50362 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50365 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database