GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,703
NuGet: 661
pip: 3,329
Pub: 11
RubyGems: 884
Rust: 844
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,474 advisories
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c...
Critical | Unreviewed | CVE-2024-46613 was published Nov 10, 2024

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion...
Critical | Unreviewed | CVE-2024-10571 was published Nov 14, 2024

An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain...
Critical | Unreviewed | CVE-2024-24116 was published Oct 2, 2024

Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows...
Critical | Unreviewed | CVE-2024-24117 was published Oct 2, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti...
Critical | Unreviewed | CVE-2024-38656 was published Nov 13, 2024

A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School...
Critical | Unreviewed | CVE-2024-33403 was published May 6, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical | Unreviewed | CVE-2024-39711 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy...
Critical | Unreviewed | CVE-2024-39710 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-38655 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical | Unreviewed | CVE-2024-39712 was published Nov 13, 2024

The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable...
Critical | Unreviewed | CVE-2024-11028 was published Nov 13, 2024

The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical | Unreviewed | CVE-2024-10820 was published Nov 13, 2024

The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due...
Critical | Unreviewed | CVE-2024-11150 was published Nov 13, 2024

CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when...
Critical | Unreviewed | CVE-2024-10575 was published Nov 13, 2024

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability...
Critical | Unreviewed | CVE-2024-8938 was published Nov 13, 2024

Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation...
Critical | Unreviewed | CVE-2023-4699 was published Nov 6, 2023

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical | Unreviewed | CVE-2024-10217 was published Nov 12, 2024

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in...
Critical | Unreviewed | CVE-2024-10218 was published Nov 12, 2024

A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage...
Critical | Unreviewed | CVE-2024-50989 was published Nov 11, 2024

Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical | Unreviewed | CVE-2024-8074 was published Nov 12, 2024

vmir e8117 was discovered to contain a stack overflow via the init_local_vars function at /src...
Critical | Unreviewed | CVE-2024-35426 was published Nov 9, 2024

The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm...
Critical | Unreviewed | CVE-2024-50667 was published Nov 11, 2024

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer...
Critical | Unreviewed | CVE-2024-52533 was published Nov 12, 2024

Azure CycleCloud Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2024-43602 was published Nov 12, 2024

An authentication bypass vulnerability exists in the affected product. The vulnerability exists...
Critical | Unreviewed | CVE-2024-10943 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API