GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,198
Composer 4,096
Erlang 29
GitHub Actions 19
Go 1,925
Maven 5,116
npm 3,654
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 823
Swift 35

Unreviewed advisories

All unreviewed 229,294

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,047 advisories

Filter by severity

Sort by

Least recently updated

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx.... Critical Unreviewed

CVE-2024-43699 was published Oct 4, 2024

The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly... Critical Unreviewed

CVE-2024-41925 was published Oct 4, 2024

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication... Critical Unreviewed

CVE-2024-45367 was published Oct 4, 2024

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an... Critical Unreviewed

CVE-2024-46256 was published Sep 27, 2024

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:... Critical Unreviewed

CVE-2018-2628 was published May 14, 2022

In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the... Critical Unreviewed

CVE-2020-12069 was published Dec 26, 2022

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4... Critical Unreviewed

CVE-2024-42514 was published Oct 1, 2024

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to... Critical Unreviewed

CVE-2022-26136 was published Jul 21, 2022

TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS... Critical Unreviewed

CVE-2024-41988 was published Oct 3, 2024

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-41651 was published Aug 12, 2024

Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker... Critical Unreviewed

CVE-2022-4920 was published Jul 29, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16... Critical Unreviewed

CVE-2023-4008 was published Aug 3, 2023

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed

CVE-2023-5009 was published Sep 19, 2023

The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection... Critical Unreviewed

CVE-2024-9441 was published Oct 2, 2024

According to the researcher: "The TLS connections are encrypted against tampering or... Critical Unreviewed

CVE-2024-44097 was published Oct 2, 2024

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed

CVE-2024-20432 was published Oct 2, 2024

FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials. Critical Unreviewed

CVE-2024-45186 was published Oct 2, 2024

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC... Critical Unreviewed

CVE-2024-38812 was published Sep 17, 2024

An unauthenticated remote attacker may use a missing authentication for critical function... Critical Unreviewed

CVE-2024-35293 was published Oct 2, 2024

An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed

CVE-2023-1083 was published Apr 9, 2024

The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low... Critical Unreviewed

CVE-2024-25660 was published Oct 1, 2024

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of... Critical Unreviewed

CVE-2024-9402 was published Oct 1, 2024

A compromised content process could have allowed for the arbitrary loading of cross-origin pages.... Critical Unreviewed

CVE-2024-9392 was published Oct 1, 2024

Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This... Critical Unreviewed

CVE-2023-33934 was published Aug 9, 2023

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,047 advisories