GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,473

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

228,473 advisories

Filter by severity

Sort by

Least recently updated

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page Moderate Unreviewed

CVE-2024-47162 was published Sep 19, 2024

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate... Moderate Unreviewed

CVE-2024-47160 was published Sep 19, 2024

Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to... Critical Unreviewed

CVE-2024-8963 was published Sep 19, 2024

Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed

CVE-2024-38016 was published Sep 19, 2024

A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser... Moderate Unreviewed

CVE-2024-8652 was published Sep 19, 2024

A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser... Moderate Unreviewed

CVE-2024-8653 was published Sep 19, 2024

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore... Moderate Unreviewed

CVE-2024-47159 was published Sep 19, 2024

A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release... High Unreviewed

CVE-2024-7737 was published Sep 19, 2024

libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM... Unknown Unreviewed

CVE-2024-31570 was published Sep 19, 2024

A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that... Moderate Unreviewed

CVE-2024-8651 was published Sep 19, 2024

Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may... High Unreviewed

CVE-2024-45862 was published Sep 19, 2024

Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if... Critical Unreviewed

CVE-2024-45861 was published Sep 19, 2024

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry... High Unreviewed

CVE-2024-7736 was published Sep 19, 2024

logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure... High Unreviewed

CVE-2024-45752 was published Sep 19, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed

CVE-2024-7785 was published Sep 19, 2024

A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain... Moderate Unreviewed

CVE-2024-46382 was published Sep 19, 2024

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add High Unreviewed

CVE-2024-46394 was published Sep 19, 2024

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net... Moderate Unreviewed

CVE-2024-8354 was published Sep 19, 2024

This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive... Critical Unreviewed

CVE-2024-47088 was published Sep 19, 2024

This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the... High Unreviewed

CVE-2024-47089 was published Sep 19, 2024

This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain... High Unreviewed

CVE-2024-47087 was published Sep 19, 2024

A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send... Moderate Unreviewed

CVE-2024-45769 was published Sep 19, 2024

A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an... Moderate Unreviewed

CVE-2024-45770 was published Sep 19, 2024

The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-8364 was published Sep 19, 2024

This vulnerability exists in LD DP Back Office due to improper implementation of OTP validation... High Unreviewed

CVE-2024-47086 was published Sep 19, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

228,473 advisories