GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
23,683 advisories
Filter by severity
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out...
Critical
Unreviewed
CVE-2018-9478
was published
Nov 20, 2024
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to...
Critical
Unreviewed
CVE-2018-9471
was published
Nov 20, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out...
Critical
Unreviewed
CVE-2018-9479
was published
Nov 20, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of...
Critical
Unreviewed
CVE-2024-10094
was published
Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical
Unreviewed
CVE-2024-9479
was published
Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical
Unreviewed
CVE-2024-9478
was published
Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout...
Critical
Unreviewed
CVE-2024-52440
was published
Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object...
Critical
Unreviewed
CVE-2024-52439
was published
Nov 20, 2024
Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-52442
was published
Nov 20, 2024
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
Critical
Unreviewed
CVE-2024-52441
was published
Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Nerijus Masikonis Geolocator allows Object...
Critical
Unreviewed
CVE-2024-52443
was published
Nov 20, 2024
Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11...
Critical
Unreviewed
CVE-2024-10127
was published
Nov 20, 2024
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in...
Critical
Unreviewed
CVE-2024-52759
was published
Nov 19, 2024
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ...
Critical
Unreviewed
CVE-2024-52714
was published
Nov 19, 2024
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing...
Critical
Unreviewed
CVE-2018-9341
was published
Nov 19, 2024
The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is...
Critical
Unreviewed
CVE-2024-42450
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a...
Critical
Unreviewed
CVE-2024-52401
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect...
Critical
Unreviewed
CVE-2024-52402
was published
Nov 19, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
Critical
Unreviewed
CVE-2024-51051
was published
Nov 19, 2024
An arbitrary file upload vulnerability in the component /main/fileupload.php of AVSCMS v8.2.0...
Critical
Unreviewed
CVE-2024-51053
was published
Nov 18, 2024
Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of...
Critical
Unreviewed
CVE-2024-50919
was published
Nov 18, 2024
cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes
Critical
CVE-2024-47533
was published
for
cobbler
(pip)
Nov 18, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated...
Critical
Unreviewed
CVE-2024-0012
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection...
Critical
Unreviewed
CVE-2024-52430
was published
Nov 18, 2024
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light allows...
Critical
Unreviewed
CVE-2024-52432
was published
Nov 18, 2024
ProTip!
Advisories are also available from the
GraphQL API