GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,429 advisories
Filter by severity
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It...
Critical
Unreviewed
CVE-2024-10914
was published
Nov 6, 2024
The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-8615
was published
Nov 6, 2024
The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability...
Critical
Unreviewed
CVE-2024-9307
was published
Nov 6, 2024
The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to...
Critical
Unreviewed
CVE-2024-8614
was published
Nov 6, 2024
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of...
Critical
Unreviewed
CVE-2024-48176
was published
Nov 6, 2024
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-48746
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42509
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-47460
was published
Nov 6, 2024
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
Critical
Unreviewed
CVE-2024-51115
was published
Nov 6, 2024
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2024-51358
was published
Nov 6, 2024
A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700.
Critical
Unreviewed
CVE-2023-29125
was published
Nov 5, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical
Unreviewed
CVE-2023-29119
was published
Nov 5, 2024
Waybox Enel X web management application could be used to execute arbitrary OS commands and...
Critical
Unreviewed
CVE-2023-29120
was published
Nov 5, 2024
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox...
Critical
Unreviewed
CVE-2023-29121
was published
Nov 5, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical
Unreviewed
CVE-2023-29118
was published
Nov 5, 2024
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,...
Critical
Unreviewed
CVE-2024-10687
was published
Nov 5, 2024
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote...
Critical
Unreviewed
CVE-2024-51327
was published
Nov 4, 2024
An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to...
Critical
Unreviewed
CVE-2024-51136
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce...
Critical
Unreviewed
CVE-2024-50525
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail...
Critical
Unreviewed
CVE-2024-50526
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder...
Critical
Unreviewed
CVE-2024-50527
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software...
Critical
Unreviewed
CVE-2024-50529
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP...
Critical
Unreviewed
CVE-2024-50530
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in David F. Carr RSVPMaker for...
Critical
Unreviewed
CVE-2024-50531
was published
Nov 4, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post...
Critical
Unreviewed
CVE-2024-50523
was published
Nov 4, 2024
ProTip!
Advisories are also available from the
GraphQL API