GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,725
Composer 4,023
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,155
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,686

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

19,389 advisories

Filter by severity

Sort by

Least recently updated

TightVNC (Server for Windows) before 2.8.84 allows attackers to connect to the control pipe via a... Critical Unreviewed

CVE-2024-42049 was published Jul 28, 2024

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows... Critical Unreviewed

CVE-2024-40117 was published Jul 26, 2024

An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive... Critical Unreviewed

CVE-2024-26520 was published Jul 26, 2024

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed

CVE-2024-35161 was published Jul 26, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-41468 was published Jul 26, 2024

Softaculous Webuzo contains an authentication bypass vulnerability through the password reset... Critical Unreviewed

CVE-2024-24621 was published Jul 26, 2024

A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR)... Critical Unreviewed

CVE-2024-40324 was published Jul 25, 2024

Access control vulnerability in the security verification module. Impact: Successful exploitation... Critical Unreviewed

CVE-2024-39671 was published Jul 25, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via... Critical Unreviewed

CVE-2024-41461 was published Jul 24, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via... Critical Unreviewed

CVE-2024-41459 was published Jul 24, 2024

CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via... Critical Unreviewed

CVE-2024-41551 was published Jul 24, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via... Critical Unreviewed

CVE-2024-41460 was published Jul 24, 2024

Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate... Critical Unreviewed

CVE-2024-36535 was published Jul 24, 2024

Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and... Critical Unreviewed

CVE-2024-36540 was published Jul 24, 2024

Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate... Critical Unreviewed

CVE-2024-36539 was published Jul 24, 2024

The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is... Critical Unreviewed

CVE-2024-40422 was published Jul 24, 2024

Remote command execution due to use of default passwords. The following products are affected:... Critical Unreviewed

CVE-2023-45249 was published Jul 24, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code... Critical Unreviewed

CVE-2024-6327 was published Jul 24, 2024

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... Critical Unreviewed

CVE-2024-38164 was published Jul 24, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2024-41319 was published Jul 23, 2024

On versions before 2.1.4, session is not invalidated after logout. When the user logged in... Critical Unreviewed

CVE-2024-29070 was published Jul 23, 2024

A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that... Critical Unreviewed

CVE-2024-6793 was published Jul 22, 2024

A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming ... Critical Unreviewed

CVE-2024-6794 was published Jul 22, 2024

Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a... Critical Unreviewed

CVE-2024-6913 was published Jul 22, 2024

Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to... Critical Unreviewed

CVE-2024-6912 was published Jul 22, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,389 advisories