GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
228,473 advisories
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site...
Severity: Moderate | Unreviewed | CVE-2024-8850 was published Sep 19, 2024
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in...
Severity: Moderate | Unreviewed | CVE-2022-4533 was published Sep 19, 2024
This vulnerability exists in LD DP Back Office due to improper validation of certain parameters ...
Severity: High | Unreviewed | CVE-2024-47085 was published Sep 19, 2024
In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right...
Severity: High | Unreviewed | CVE-2024-37406 was published Sep 19, 2024
DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the...
Severity: Unknown | Unreviewed | CVE-2024-46372 was published Sep 18, 2024
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS...
Severity: High | Unreviewed | CVE-2024-8287 was published Sep 18, 2024
Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and...
Severity: Unknown | Unreviewed | CVE-2024-43024 was published Sep 18, 2024
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used...
Severity: Unknown | Unreviewed | CVE-2024-39339 was published Sep 18, 2024
An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-43025 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Severity: Critical | Unreviewed | CVE-2024-46375 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Severity: Critical | Unreviewed | CVE-2024-46376 was published Sep 18, 2024
Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size...
Severity: High | Unreviewed | CVE-2024-34057 was published Sep 18, 2024
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with...
Severity: High | Unreviewed | CVE-2024-44589 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Severity: Critical | Unreviewed | CVE-2024-46377 was published Sep 18, 2024
Dedecms V5.7.115 contains an arbitrary code execution via file upload vulnerability in the backend.
Severity: High | Unreviewed | CVE-2024-46373 was published Sep 18, 2024
Buffer Overflow vulnerability in btstack mesh commit before v...
Severity: Critical | Unreviewed | CVE-2024-40568 was published Sep 18, 2024
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Severity: Critical | Unreviewed | CVE-2024-46374 was published Sep 18, 2024
Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data.
Severity: Unknown | Unreviewed | CVE-2023-41611 was published Sep 18, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An...
Severity: Critical | Unreviewed | CVE-2024-34399 was published Sep 18, 2024
Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in...
Severity: High | Unreviewed | CVE-2023-41610 was published Sep 18, 2024
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Severity: High | Unreviewed | CVE-2024-46086 was published Sep 18, 2024
runofast Indoor Security Camera for Baby Monitor has a default password of password for the root...
Severity: Moderate | Unreviewed | CVE-2024-46959 was published Sep 18, 2024
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x...
Severity: Critical | Unreviewed | CVE-2024-45523 was published Sep 18, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat...
Severity: High | Unreviewed | CVE-2023-41612 was published Sep 18, 2024
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the saveVPNProfile...
Severity: Unknown | Unreviewed | CVE-2024-46594 was published Sep 18, 2024
ProTip! Advisories are also available from the GraphQL API.