GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,302 advisories
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in...
High | Unreviewed | CVE-2024-6769 was published Sep 26, 2024
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE)...
High | Unreviewed | CVE-2024-46628 was published Sep 26, 2024
The goTenna Pro ATAK Plugin does not use SecureRandom when generating its cryptographic keys....
High | Unreviewed | CVE-2024-45723 was published Sep 26, 2024
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker...
High | Unreviewed | CVE-2024-47125 was published Sep 26, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an...
High | Unreviewed | CVE-2024-39577 was published Sep 26, 2024
The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys...
High | Unreviewed | CVE-2024-47130 was published Sep 26, 2024
The goTenna Pro series does not use SecureRandom when generating its cryptographic keys. The...
High | Unreviewed | CVE-2024-47126 was published Sep 26, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an...
High | Unreviewed | CVE-2024-37125 was published Sep 26, 2024
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the...
High | Unreviewed | CVE-2024-43191 was published Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute...
High | Unreviewed | CVE-2024-41605 was published Sep 26, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2...
High | Unreviewed | CVE-2024-44860 was published Sep 26, 2024
A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password...
High | Unreviewed | CVE-2024-45980 was published Sep 26, 2024
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the...
High | Unreviewed | CVE-2024-45979 was published Sep 26, 2024
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the...
High | Unreviewed | CVE-2024-45981 was published Sep 26, 2024
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the...
High | Unreviewed | CVE-2024-45982 was published Sep 26, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the...
High | Unreviewed | CVE-2024-46330 was published Sep 26, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the...
High | Unreviewed | CVE-2024-46329 was published Sep 26, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several...
High | Unreviewed | CVE-2024-46328 was published Sep 26, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the ...
High | Unreviewed | CVE-2024-8126 was published Sep 26, 2024
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion...
High | Unreviewed | CVE-2024-8704 was published Sep 26, 2024
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a...
High | Unreviewed | CVE-2022-4541 was published Sep 26, 2024
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute a stored Cross...
High | Unreviewed | CVE-2024-9198 was published Sep 26, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows...
High | Unreviewed | CVE-2024-7108 was published Sep 26, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High | Unreviewed | CVE-2024-7781 was published Sep 26, 2024
User interface (UI) misrepresentation of critical information issue exists in multiple Home...
High | Unreviewed | CVE-2024-47045 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API.