GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,233
Erlang: 31
GitHub Actions: 20
Go: 1,992
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,346
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
108,717 advisories
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type...
Moderate | Unreviewed | CVE-2024-39884 was published Jul 4, 2024
emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write...
Moderate | Unreviewed | CVE-2024-50655 was published Nov 15, 2024
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an...
Moderate | Unreviewed | CVE-2024-1551 was published Feb 20, 2024
The frame iterator could get stuck in a loop when encountering certain wasm frames leading to...
Moderate | Unreviewed | CVE-2024-6613 was published Jul 9, 2024
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereference in sub_41C488()...
Moderate | Unreviewed | CVE-2024-27660 was published Feb 29, 2024
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition...
Moderate | Unreviewed | CVE-2023-52728 was published Apr 30, 2024
In ril service, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-52348 was published Apr 8, 2024
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.11.0 and...
Moderate | Unreviewed | CVE-2024-5072 was published May 17, 2024
An issue was discovered in Logpoint before 7.4.0. HTML code sent through logs wasn't being...
Moderate | Unreviewed | CVE-2024-33859 was published May 7, 2024
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as...
Moderate | Unreviewed | CVE-2024-11256 was published Nov 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets. This issue affects...
Moderate | Unreviewed | CVE-2024-51669 was published Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER. This issue affects...
Moderate | Unreviewed | CVE-2024-52392 was published Nov 20, 2024
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-11400 was published Nov 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-30424 was published Nov 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-27609 was published Nov 20, 2024
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management...
Moderate | Unreviewed | CVE-2024-11257 was published Nov 15, 2024
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management...
Moderate | Unreviewed | CVE-2024-11258 was published Nov 15, 2024
In the autofill service, the package name that is provided by the app process is trusted...
Moderate | Unreviewed | CVE-2017-13227 was published Nov 15, 2024
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3,...
Moderate | Unreviewed | CVE-2024-28013 was published Mar 28, 2024
glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling...
Moderate | Unreviewed | CVE-2023-45922 was published Mar 27, 2024
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to...
Moderate | Unreviewed | CVE-2024-52359 was published Nov 19, 2024
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain...
Moderate | Unreviewed | CVE-2024-37070 was published Nov 19, 2024
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an...
Moderate | Unreviewed | CVE-2024-45420 was published Nov 19, 2024
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated...
Moderate | Unreviewed | CVE-2024-45422 was published Nov 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-50430 was published Nov 19, 2024
ProTip! Advisories are also available from the GraphQL API.