GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,393
Composer 3,971
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,091
Pub 10
RubyGems 833
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,679

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

19,005 advisories

Filter by severity

Sort by

Least recently updated

SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d (Espeto)... Critical Unreviewed

CVE-2024-3704 was published Apr 12, 2024

Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on... Critical Unreviewed

CVE-2024-6298 was published Jul 5, 2024

Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <... Critical Unreviewed

CVE-2024-6209 was published Jul 5, 2024

rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command... Critical Unreviewed

CVE-2024-39943 was published Jul 5, 2024

The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go,... Critical Unreviewed

CVE-2024-39930 was published Jul 4, 2024

Gogs through 0.13.0 allows deletion of internal files. Critical Unreviewed

CVE-2024-39931 was published Jul 4, 2024

Gogs through 0.13.0 allows argument injection during the previewing of changes. Critical Unreviewed

CVE-2024-39932 was published Jul 4, 2024

Remote Command program allows an attacker to get Remote Code Execution by overwriting existing... Critical Unreviewed

CVE-2024-27173 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be... Critical Unreviewed

CVE-2024-27174 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

The Toshiba printers provide several ways to upload files using the web interface without... Critical Unreviewed

CVE-2024-27144 was published Jun 14, 2024

Toshiba printers use SNMP for configuration. Using the private community, it is possible to... Critical Unreviewed

CVE-2024-27143 was published Jun 14, 2024

The Toshiba printers provide several ways to upload files using the admin web interface. An... Critical Unreviewed

CVE-2024-27145 was published Jun 14, 2024

Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from... Critical Unreviewed

CVE-2024-3411 was published Apr 30, 2024

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection... Critical Unreviewed

CVE-2024-3816 was published Jul 3, 2024

An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST... Critical Unreviewed

CVE-2024-39243 was published Jun 26, 2024

An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST... Critical Unreviewed

CVE-2024-37734 was published Jun 27, 2024

Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry... Critical Unreviewed

CVE-2024-37082 was published Jul 3, 2024

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Critical Unreviewed

CVE-2024-6172 was published Jul 2, 2024

SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro"... Critical Unreviewed

CVE-2024-34988 was published Jun 25, 2024

In venc, there is a possible out of bounds write due to type confusion. This could lead to local... Critical Unreviewed

CVE-2024-20078 was published Jul 1, 2024

cafebazaar hod v0.4.14 was discovered to contain a prototype pollution via the function request.... Critical Unreviewed

CVE-2024-39015 was published Jul 1, 2024

Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10... Critical Unreviewed

CVE-2012-6664 was published Jun 22, 2024

Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in... Critical Unreviewed

CVE-2024-39848 was published Jun 30, 2024

Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. 1.4.0 allows... Critical Unreviewed

CVE-2024-39704 was published Jul 3, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

19,005 advisories