GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,096
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,654
NuGet: 638
pip: 3,263
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,436 advisories
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An...
High | Unreviewed | CVE-2024-42417 was published Oct 4, 2024
Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor...
High | Unreviewed | CVE-2024-41596 was published Oct 3, 2024
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a...
High | Unreviewed | CVE-2024-41595 was published Oct 3, 2024
DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query...
High | Unreviewed | CVE-2024-41592 was published Oct 3, 2024
A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a...
High | Unreviewed | CVE-2024-41586 was published Oct 3, 2024
DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests.
High | Unreviewed | CVE-2024-41589 was published Oct 3, 2024
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing...
High | Unreviewed | CVE-2024-25590 was published Oct 3, 2024
A directory traversal vulnerability exists in the archive download functionality of Veertu Anka...
High | Unreviewed | CVE-2024-41163 was published Oct 3, 2024
An integer overflow vulnerability exists in the Compound Document Binary File format parser of...
High | Unreviewed | CVE-2024-36474 was published Oct 3, 2024
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka...
High | Unreviewed | CVE-2024-41922 was published Oct 3, 2024
A privilege escalation vulnerability exists in the Veertu Anka Build 1.42.0. The vulnerability...
High | Unreviewed | CVE-2024-39755 was published Oct 3, 2024
An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1...
High | Unreviewed | CVE-2024-42415 was published Oct 3, 2024
The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain...
High | Unreviewed | CVE-2024-41987 was published Oct 3, 2024
The AVGUI.exe of AVG/Avast Antivirus versions before 24.1 can allow a local attacker to...
High | Unreviewed | CVE-2024-5803 was published Oct 3, 2024
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is...
High | Unreviewed | CVE-2024-8352 was published Oct 3, 2024
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo...
High | Unreviewed | CVE-2024-47134 was published Oct 3, 2024
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name:...
High | Unreviewed | CVE-2024-47135 was published Oct 3, 2024
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC...
High | Unreviewed | CVE-2024-47136 was published Oct 3, 2024
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox...
High | Unreviewed | CVE-2024-28888 was published Oct 2, 2024
A potential security vulnerability has been identified in the HP One Agent for certain HP PC...
High | Unreviewed | CVE-2024-8733 was published Oct 2, 2024
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High | Unreviewed | CVE-2024-20499 was published Oct 2, 2024
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High | Unreviewed | CVE-2024-20501 was published Oct 2, 2024
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z...
High | Unreviewed | CVE-2024-20498 was published Oct 2, 2024
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted...
High | Unreviewed | CVE-2024-46626 was published Oct 2, 2024
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated,...
High | Unreviewed | CVE-2024-20449 was published Oct 2, 2024
ProTip! Advisories are also available from the GraphQL API.