GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,123 advisories
The affected product is vulnerable to an attacker being able to use commands without providing a...
High
Unreviewed
CVE-2024-49399 was published Oct 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43997 was published Oct 17, 2024
In LAquis SCADA version 4.7.1.511, a cross-site scripting vulnerability could allow an attacker...
High
Unreviewed
CVE-2024-9414 was published Oct 17, 2024
Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users...
High
Unreviewed
CVE-2023-6729 was published Oct 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-48023 was published Oct 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-48021 was published Oct 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-48032 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WSIFY – Sales can fly Wsify Widget allows...
High
Unreviewed
CVE-2024-48048 was published Oct 17, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2024-49315 was published Oct 17, 2024
In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript...
High
Unreviewed
CVE-2024-49579 was published Oct 17, 2024
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
High
Unreviewed
CVE-2024-6333 was published Oct 17, 2024
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs...
High
Unreviewed
CVE-2023-44283 was published Oct 17, 2024
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1...
High
Unreviewed
CVE-2024-23783 was published Oct 17, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49320 was published Oct 17, 2024
A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as...
High
Unreviewed
CVE-2024-10068 was published Oct 17, 2024
The SendPulse Free Web Push plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...
High
Unreviewed
CVE-2024-9184 was published Oct 17, 2024
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in...
High
Unreviewed
CVE-2024-48024 was published Oct 17, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-48043 was published Oct 17, 2024
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
High
Unreviewed
CVE-2024-49390 was published Oct 17, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
High
Unreviewed
CVE-2024-49389 was published Oct 17, 2024
The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider...
High
Unreviewed
CVE-2024-5429 was published Oct 17, 2024
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High
Unreviewed
CVE-2024-45766 was published Oct 17, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215 was published Oct 17, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9861 was published Oct 17, 2024
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based...
High
Unreviewed
CVE-2024-7994 was published Oct 17, 2024
ProTip! Advisories are also available from the GraphQL API.