GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,912 advisories
A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This...
Critical | Unreviewed | CVE-2024-12371 was published Dec 18, 2024

A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The...
Critical | Unreviewed | CVE-2024-12373 was published Dec 18, 2024

A denial-of-service and possible remote code execution vulnerability exists in the Rockwell...
Critical | Unreviewed | CVE-2024-12372 was published Dec 18, 2024

A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5...
Critical | Unreviewed | CVE-2023-34990 was published Dec 18, 2024

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
Critical | Unreviewed | CVE-2024-56059 was published Dec 18, 2024

Deserialization of Untrusted Data vulnerability in Gueststream VRPConnector allows Object...
Critical | Unreviewed | CVE-2024-56058 was published Dec 18, 2024

Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what...
Critical | Unreviewed | CVE-2024-4995 was published Dec 18, 2024

Use of a hard-coded password for a database administrator account created during Wapro ERP...
Critical | Unreviewed | CVE-2024-4996 was published Dec 18, 2024

The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all...
Critical | Unreviewed | CVE-2024-12287 was published Dec 18, 2024

An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially...
Critical | Unreviewed | CVE-2024-29224 was published Dec 18, 2024

Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-29646 was published Dec 18, 2024

rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set...
Critical | Unreviewed | CVE-2024-31668 was published Dec 18, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical | Unreviewed | CVE-2024-55513 was published Dec 17, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The...
Critical | Unreviewed | CVE-2024-55516 was published Dec 17, 2024

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical | Unreviewed | CVE-2024-55515 was published Dec 17, 2024

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf...
Critical | Unreviewed | CVE-2024-54662 was published Dec 17, 2024

A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project...
Critical | Unreviewed | CVE-2024-55496 was published Dec 17, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-8972 was published Dec 17, 2024

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support...
Critical | Unreviewed | CVE-2024-12356 was published Dec 17, 2024

Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops...
Critical | Unreviewed | CVE-2024-10205 was published Dec 17, 2024

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in...
Critical | Unreviewed | CVE-2024-55085 was published Dec 17, 2024

Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-29671 was published Dec 17, 2024

iptraf-ng 1.2.1 has a stack-based buffer overflow.
Critical | Unreviewed | CVE-2024-52949 was published Dec 17, 2024

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric...
Critical | Unreviewed | CVE-2024-55557 was published Dec 16, 2024

The server lacks thread safety and can be crashed by anomalous data sent by an anonymous user...
Critical | Unreviewed | CVE-2024-11144 was published Dec 16, 2024