GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,262
Erlang: 31
GitHub Actions: 21
Go: 2,030
Maven: 5,000+
npm: 3,732
NuGet: 662
pip: 3,409
Pub: 12
RubyGems: 891
Rust: 865
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,801 advisories
The issue stems from a missing validation of the pip field in a POST request sent to the ...
Critical · Unreviewed · CVE-2024-21574 was published Dec 12, 2024
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable...
Critical · Unreviewed · CVE-2024-10124 was published Dec 12, 2024
The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all...
Critical · Unreviewed · CVE-2024-11015 was published Dec 12, 2024
In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the...
Critical · Unreviewed · CVE-2024-55884 was published Dec 12, 2024
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Critical · Unreviewed · CVE-2024-49112 was published Dec 12, 2024
From the VSPC management agent machine, under condition that the management agent is authorized...
Critical · Unreviewed · CVE-2024-42448 was published Dec 12, 2024
GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote...
Critical · Unreviewed · CVE-2024-11948 was published Dec 12, 2024
CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and...
Critical · Unreviewed · CVE-2024-11737 was published Dec 11, 2024
When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could...
Critical · Unreviewed · CVE-2024-11053 was published Dec 11, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting ...
Critical · Unreviewed · CVE-2024-54032 was published Dec 10, 2024
An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication...
Critical · Unreviewed · CVE-2024-46442 was published Dec 10, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure...
Critical · Unreviewed · CVE-2024-11634 was published Dec 10, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated...
Critical · Unreviewed · CVE-2024-11633 was published Dec 10, 2024
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote...
Critical · Unreviewed · CVE-2024-11639 was published Dec 10, 2024
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote...
Critical · Unreviewed · CVE-2024-11772 was published Dec 10, 2024
SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote...
Critical · Unreviewed · CVE-2024-11773 was published Dec 10, 2024
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP...
Critical · Unreviewed · CVE-2024-55547 was published Dec 10, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build...
Critical · Unreviewed · CVE-2024-45494 was published Dec 10, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build...
Critical · Unreviewed · CVE-2024-45493 was published Dec 10, 2024
MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using...
Critical · Unreviewed · CVE-2024-12286 was published Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc...
Critical · Unreviewed · CVE-2024-54751 was published Dec 10, 2024
Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C,...
Critical · Unreviewed · CVE-2024-5660 was published Dec 10, 2024
Adobe Document Service allows an attacker with administrator privileges to send a crafted request...
Critical · Unreviewed · CVE-2024-47578 was published Dec 10, 2024
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account...
Critical · Unreviewed · CVE-2024-53552 was published Dec 10, 2024
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack...
Critical · Unreviewed · CVE-2024-37143 was published Dec 10, 2024
ProTip! Advisories are also available from the GraphQL API