GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,996
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,349
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
23,683 advisories
Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector allows Object...
Critical | Unreviewed | CVE-2024-52410 was published Nov 17, 2024

Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection. This...
Critical | Unreviewed | CVE-2024-52412 was published Nov 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Bigfive CF7 Reply Manager. This...
Critical | Unreviewed | CVE-2024-52404 was published Nov 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Clarisse K. Writer Helper allows...
Critical | Unreviewed | CVE-2024-52399 was published Nov 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in WPExperts User Management allows...
Critical | Unreviewed | CVE-2024-52403 was published Nov 17, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in Halyra CDI. This issue affects...
Critical | Unreviewed | CVE-2024-52398 was published Nov 17, 2024

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file...
Critical | Unreviewed | CVE-2024-8856 was published Nov 16, 2024

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical | Unreviewed | CVE-2024-45970 was published Nov 15, 2024

Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical | Unreviewed | CVE-2024-45971 was published Nov 15, 2024

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double...
Critical | Unreviewed | CVE-2024-10934 was published Nov 15, 2024

A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical | Unreviewed | CVE-2023-20036 was published Nov 15, 2024

LibreNMS has an Authenticated OS Command Injection
Critical | CVE-2024-51092 was published for librenms/librenms (Composer) Nov 15, 2024

A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an...
Critical | Unreviewed | CVE-2023-20154 was published Nov 15, 2024

Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
Critical | Unreviewed | CVE-2024-10443 was published Nov 15, 2024

Deserialization of Untrusted Data in dompdf/dompdf
Critical | CVE-2021-3838 was published for dompdf/dompdf (Composer) Nov 15, 2024

Improper Restriction of XML External Entity Reference in dompdf/dompdf
Critical | CVE-2021-3902 was published for dompdf/dompdf (Composer) Nov 15, 2024

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical | Unreviewed | CVE-2024-10924 was published Nov 15, 2024

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical | Unreviewed | CVE-2024-11120 was published Nov 15, 2024

The ventilator's microcontroller lacks memory protection. An attacker could connect to the...
Critical | Unreviewed | CVE-2024-48970 was published Nov 15, 2024

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for...
Critical | Unreviewed | CVE-2024-48967 was published Nov 15, 2024

The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical | Unreviewed | CVE-2024-48974 was published Nov 15, 2024

The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical | Unreviewed | CVE-2024-48971 was published Nov 15, 2024

The debug port on the ventilator's serial interface is enabled by default. This could allow an...
Critical | Unreviewed | CVE-2024-48973 was published Nov 15, 2024

The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical | Unreviewed | CVE-2024-48966 was published Nov 15, 2024

There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Critical | Unreviewed | CVE-2024-9832 was published Nov 14, 2024

ProTip! Advisories are also available from the GraphQL API.