Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,495 advisories

Loading
There is no limit on the number of failed login attempts permitted with the Clinician Password or... Critical Unreviewed
CVE-2024-9832 was published Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and... Critical Unreviewed
CVE-2024-9834 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –... Critical Unreviewed
CVE-2024-52370 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket... Critical Unreviewed
CVE-2024-52369 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies... Critical Unreviewed
CVE-2024-52379 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator... Critical Unreviewed
CVE-2024-52377 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for... Critical Unreviewed
CVE-2024-52376 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery... Critical Unreviewed
CVE-2024-52373 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer... Critical Unreviewed
CVE-2024-52372 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize... Critical Unreviewed
CVE-2024-52380 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots,... Critical Unreviewed
CVE-2024-52384 was published Nov 14, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege... Critical Unreviewed
CVE-2024-52382 was published Nov 14, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove... Critical Unreviewed
CVE-2024-52393 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows... Critical Unreviewed
CVE-2024-52374 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager... Critical Unreviewed
CVE-2024-52375 was published Nov 14, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows... Critical Unreviewed
CVE-2024-3379 was published Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3502 was published Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3501 was published Nov 14, 2024
A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method... Critical Unreviewed
CVE-2024-4343 was published Nov 14, 2024
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to... Critical Unreviewed
CVE-2024-37285 was published Nov 14, 2024
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion... Critical Unreviewed
CVE-2024-10571 was published Nov 14, 2024
Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This... Critical Unreviewed
CVE-2024-50306 was published Nov 14, 2024
The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-11028 was published Nov 13, 2024
CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when... Critical Unreviewed
CVE-2024-10575 was published Nov 13, 2024
The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to... Critical Unreviewed
CVE-2024-10820 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database