GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
819 advisories
Filter by severity
An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute...
Moderate
Unreviewed
CVE-2024-51330
was published
Nov 15, 2024
The The InPost Gallery plugin for WordPress is vulnerable to arbitrary shortcode execution via...
Moderate
Unreviewed
CVE-2024-11002
was published
Nov 26, 2024
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in...
Moderate
Unreviewed
CVE-2024-10262
was published
Nov 16, 2024
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique...
Moderate
Unreviewed
CVE-2022-21928
was published
Jan 12, 2022
Limited remote code execution with privilege of a NetworkService Account access in Citrix Session...
Moderate
Unreviewed
CVE-2024-8069
was published
Nov 12, 2024
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an...
Moderate
Unreviewed
CVE-2024-3044
was published
May 14, 2024
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6...
Moderate
Unreviewed
CVE-2024-46965
was published
Nov 11, 2024
Brandon
Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi
did not have a...
Moderate
Unreviewed
CVE-2023-5677
was published
Feb 5, 2024
Vintage,
member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay...
Moderate
Unreviewed
CVE-2023-5800
was published
Feb 5, 2024
Using a markup injection an attacker could have stolen nonce values. This could have been used to...
Moderate
Unreviewed
CVE-2024-2610
was published
Mar 19, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate
Unreviewed
CVE-2024-3786
was published
Apr 15, 2024
Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti...
Moderate
Unreviewed
CVE-2022-42045
was published
Jul 13, 2023
A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-9324
was published
Sep 29, 2024
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side...
Moderate
Unreviewed
CVE-2024-3785
was published
Apr 15, 2024
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the...
Moderate
Unreviewed
CVE-2024-10505
was published
Oct 30, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the save method of...
Moderate
Unreviewed
CVE-2024-48235
was published
Oct 26, 2024
An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-48236
was published
Oct 26, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Moderate
Unreviewed
CVE-2024-35315
was published
Oct 21, 2024
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow...
Moderate
Unreviewed
CVE-2024-41712
was published
Oct 21, 2024
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and...
Moderate
Unreviewed
CVE-2024-20485
was published
Oct 23, 2024
An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature...
Moderate
Unreviewed
CVE-2019-18792
was published
May 24, 2022
Insecure permissions in the sys_exec function of Oracle MYSQL MariaDB v10.5 allows authenticated...
Moderate
Unreviewed
CVE-2023-39593
was published
Oct 18, 2024
An issue in MYSQL MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the...
Moderate
Unreviewed
CVE-2024-27766
was published
Oct 18, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate
Unreviewed
CVE-2024-48744
was published
Oct 16, 2024
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate
Unreviewed
CVE-2024-41997
was published
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API