GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,856
Composer 4,262
Erlang 31
GitHub Actions 21
Go 2,030
Maven 5,210
npm 3,732
NuGet 662
pip 3,409
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,421

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,801 advisories

Filter by severity

Sort by

Least recently updated

The issue stems from a missing validation of the pip field in a POST request sent to the ... Critical Unreviewed

CVE-2024-21574 was published Dec 12, 2024

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable... Critical Unreviewed

CVE-2024-10124 was published Dec 12, 2024

The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-11015 was published Dec 12, 2024

In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the... Critical Unreviewed

CVE-2024-55884 was published Dec 12, 2024

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Critical Unreviewed

CVE-2024-49112 was published Dec 12, 2024

From the VSPC management agent machine, under condition that the management agent is authorized... Critical Unreviewed

CVE-2024-42448 was published Dec 12, 2024

GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote... Critical Unreviewed

CVE-2024-11948 was published Dec 12, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38921 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38927 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38924 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41645 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41644 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38926 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41649 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41646 was published Dec 7, 2024

An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2024-48453 was published Dec 4, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38923 was published Dec 7, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38925 was published Dec 7, 2024

whapa v1.59 is vulnerable to Command Injection via a crafted filename to the HTML reports component. Critical Unreviewed

CVE-2024-53442 was published Dec 5, 2024

WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed

CVE-2024-54745 was published Dec 6, 2024

SQL Injection vulnerability in Flipkart-Clone-PHP version 1.0 in entry.php in product_title... Critical Unreviewed

CVE-2022-38947 was published Dec 9, 2024

CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account... Critical Unreviewed

CVE-2024-53552 was published Dec 10, 2024

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-54751 was published Dec 10, 2024

Oxide control plane software before 5 allows SSRF. Critical Unreviewed

CVE-2023-50913 was published Dec 5, 2024

A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed

CVE-2024-53676 was published Nov 27, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,801 advisories