GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,342
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,678
NuGet 645
pip 3,297
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

91,123 advisories

Filter by severity

Sort by

Least recently updated

The affected product is vulnerable to an attacker being able to use commands without providing a... High Unreviewed

CVE-2024-49399 was published Oct 17, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-43997 was published Oct 17, 2024

In LAquis SCADA version 4.7.1.511, a cross-site scripting vulnerability could allow an attacker... High Unreviewed

CVE-2024-9414 was published Oct 17, 2024

Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users... High Unreviewed

CVE-2023-6729 was published Oct 17, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-48023 was published Oct 17, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-48021 was published Oct 17, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-48032 was published Oct 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WSIFY – Sales can fly Wsify Widget allows... High Unreviewed

CVE-2024-48048 was published Oct 17, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2024-49315 was published Oct 17, 2024

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript... High Unreviewed

CVE-2024-49579 was published Oct 17, 2024

Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products. High Unreviewed

CVE-2024-6333 was published Oct 17, 2024

In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs... High Unreviewed

CVE-2023-44283 was published Oct 17, 2024

Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1... High Unreviewed

CVE-2024-23783 was published Oct 17, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-49320 was published Oct 17, 2024

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as... High Unreviewed

CVE-2024-10068 was published Oct 17, 2024

The SendPulse Free Web Push plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... High Unreviewed

CVE-2024-9184 was published Oct 17, 2024

: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... High Unreviewed

CVE-2024-48024 was published Oct 17, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2024-48043 was published Oct 17, 2024

Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed

CVE-2024-49390 was published Oct 17, 2024

Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed

CVE-2024-49389 was published Oct 17, 2024

The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider... High Unreviewed

CVE-2024-5429 was published Oct 17, 2024

Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of... High Unreviewed

CVE-2024-45766 was published Oct 17, 2024

The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors... High Unreviewed

CVE-2024-9215 was published Oct 17, 2024

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9861 was published Oct 17, 2024

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based... High Unreviewed

CVE-2024-7994 was published Oct 17, 2024

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

91,123 advisories