GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,110
Erlang
29
GitHub Actions
19
Go
1,926
Maven
5,000+
npm
3,664
NuGet
642
pip
3,266
Pub
10
RubyGems
873
Rust
825
Swift
35
Unreviewed advisories
All unreviewed
5,000+
23,121 advisories
Filter by severity
Windows Netlogon Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-38124
was published
Oct 8, 2024
Microsoft Configuration Manager Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43468
was published
Oct 8, 2024
A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege...
Critical
Unreviewed
CVE-2024-3057
was published
Oct 8, 2024
A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated...
Critical
Unreviewed
CVE-2024-44349
was published
Oct 8, 2024
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that...
Critical
Unreviewed
CVE-2024-8884
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47553
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47562
was published
Oct 8, 2024
The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-8943
was published
Oct 8, 2024
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL...
Critical
Unreviewed
CVE-2024-8911
was published
Oct 8, 2024
A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >=...
Critical
Unreviewed
CVE-2023-52952
was published
Oct 8, 2024
A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only...
Critical
Unreviewed
CVE-2024-41798
was published
Oct 8, 2024
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code ...
Critical
Unreviewed
CVE-2024-45874
was published
Oct 8, 2024
A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary...
Critical
Unreviewed
CVE-2024-45873
was published
Oct 8, 2024
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an...
Critical
Unreviewed
CVE-2024-47967
was published
Oct 7, 2024
RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code...
Critical
Unreviewed
CVE-2024-46076
was published
Oct 7, 2024
Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs...
Critical
Unreviewed
CVE-2024-46446
was published
Oct 7, 2024
Memory corruption while redirecting log file to any file location with any file name.
Critical
Unreviewed
CVE-2024-33066
was published
Oct 7, 2024
SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by...
Critical
Unreviewed
CVE-2024-9574
was published
Oct 7, 2024
In wlan firmware, there is a possible out of bounds write due to improper input validation. This...
Critical
Unreviewed
CVE-2024-20103
was published
Oct 7, 2024
In wlan driver, there is a possible out of bounds write due to improper input validation. This...
Critical
Unreviewed
CVE-2024-20101
was published
Oct 7, 2024
In wlan driver, there is a possible out of bounds write due to improper input validation. This...
Critical
Unreviewed
CVE-2024-20100
was published
Oct 7, 2024
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-45252
was published
Oct 6, 2024
Cavok – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Critical
Unreviewed
CVE-2024-45249
was published
Oct 6, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-47350
was published
Oct 6, 2024
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-45251
was published
Oct 6, 2024
ProTip!
Advisories are also available from the
GraphQL API