GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,988
Erlang: 29
GitHub Actions: 16
Go: 1,778
Maven: 5,000+
npm: 3,542
NuGet: 619
pip: 3,127
Pub: 10
RubyGems: 838
Rust: 791
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
223,401 advisories
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40037
was published
Jul 9, 2024
An integer overflow vulnerability due to improper input validation when reading TDMS files in...
Moderate
Unreviewed
CVE-2024-6638
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand that may result in...
High
Unreviewed
CVE-2024-6675
was published
Jul 22, 2024
SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows a remote...
Unknown
Unreviewed
CVE-2024-40502
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ...
Critical
Unreviewed
CVE-2024-6794
was published
Jul 22, 2024
A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that...
Critical
Unreviewed
CVE-2024-6793
was published
Jul 22, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File...
High
Unreviewed
CVE-2024-6805
was published
Jul 22, 2024
Files on the Windows system are accessible without authentication to external parties due to a...
High
Unreviewed
CVE-2024-6911
was published
Jul 22, 2024
The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project...
Critical
Unreviewed
CVE-2024-6806
was published
Jul 22, 2024
Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a...
Critical
Unreviewed
CVE-2024-6913
was published
Jul 22, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to...
Critical
Unreviewed
CVE-2024-6912
was published
Jul 22, 2024
A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307...
Moderate
Unreviewed
CVE-2024-22855
was published
Jun 12, 2024
In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that...
Unknown
Unreviewed
CVE-2024-41880
was published
Jul 22, 2024
EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability...
Unknown
Unreviewed
CVE-2024-39250
was published
Jul 22, 2024
Laravel v11.x was discovered to contain an XML External Entity (XXE) vulnerability.
Unknown
Unreviewed
CVE-2024-40075
was published
Jul 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40039
was published
Jul 9, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40034
was published
Jul 9, 2024
An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute...
Unknown
Unreviewed
CVE-2024-38944
was published
Jul 22, 2024
Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 and earlier allows...
Unknown
Unreviewed
CVE-2024-34329
was published
Jul 22, 2024
A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to...
Moderate
Unreviewed
CVE-2024-37380
was published
Jul 22, 2024
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple...
High
Unreviewed
CVE-2024-6121
was published
Jul 22, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server...
Moderate
Unreviewed
CVE-2024-6122
was published
Jul 22, 2024
A directory path traversal vulnerability exists when loading a vsmodel file in NI VeriStand that...
High
Unreviewed
CVE-2024-6791
was published
Jul 22, 2024
The FooGallery WordPress plugin before 2.4.15, foogallery-premium WordPress plugin before 2.4.15...
Moderate
Unreviewed
CVE-2024-2762
was published
Jun 13, 2024
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that...
High
Unreviewed
CVE-2021-33627
was published
Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API.