Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,349
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

23,683 advisories

Loading
exotel-py 0.1.6 includes code execution backdoor inserted by a third party Critical
CVE-2022-38792 was published for exotel (pip) Aug 28, 2022
DIRAC's TokenManager does not check permissions on cached tokens Critical
CVE-2024-24825 was published for DIRAC (pip) Feb 8, 2024
chaen aldbr
chrisburr
Backdoor in api-res-py Critical
CVE-2022-31313 was published for api-res-py (pip) Jun 9, 2022
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed
CVE-2018-9471 was published Nov 20, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9479 was published Nov 20, 2024
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in... Critical Unreviewed
CVE-2024-52759 was published Nov 19, 2024
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ... Critical Unreviewed
CVE-2024-52714 was published Nov 19, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9478 was published Nov 20, 2024
Grafana plugin SDK Information Leakage Critical
CVE-2024-8986 was published for github.com/grafana/grafana-plugin-sdk-go (Go) Sep 19, 2024
.NET Remote Code Execution Vulnerability Critical
CVE-2024-43498 was published for System.Formats.Nrbf (NuGet) Nov 12, 2024
matt-phylum
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing... Critical Unreviewed
CVE-2018-9341 was published Nov 19, 2024
A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School... Critical Unreviewed
CVE-2024-34932 was published May 23, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed
CVE-2024-52434 was published Nov 18, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9479 was published Nov 20, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed
CVE-2024-10094 was published Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9478 was published Nov 20, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11312 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11313 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11311 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11314 was published Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed
CVE-2024-52427 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11315 was published Nov 18, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to... Critical Unreviewed
CVE-2024-10924 was published Nov 15, 2024
Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout... Critical Unreviewed
CVE-2024-52440 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed
CVE-2024-52439 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database