GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19,960 advisories
Filter by severity
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10...
Critical
Unreviewed
CVE-2024-33109
was published
Sep 19, 2024
Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to...
Critical
Unreviewed
CVE-2024-8963
was published
Sep 19, 2024
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if...
Critical
Unreviewed
CVE-2024-45861
was published
Sep 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-7785
was published
Sep 19, 2024
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive...
Critical
Unreviewed
CVE-2024-47088
was published
Sep 19, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46375
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46376
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the...
Critical
Unreviewed
CVE-2024-46377
was published
Sep 18, 2024
Buffer Overflow vulnerability in btstack mesh commit before v...
Critical
Unreviewed
CVE-2024-40568
was published
Sep 18, 2024
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Critical
Unreviewed
CVE-2024-46374
was published
Sep 18, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An...
Critical
Unreviewed
CVE-2024-34399
was published
Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-5959
was published
Sep 18, 2024
Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain...
Critical
Unreviewed
CVE-2024-5960
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-5958
was published
Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-6877
was published
Sep 18, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows...
Critical
Unreviewed
CVE-2024-6878
was published
Sep 18, 2024
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser...
Critical
Unreviewed
CVE-2024-34026
was published
Sep 18, 2024
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-44542
was published
Sep 18, 2024
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1...
Critical
Unreviewed
CVE-2024-8888
was published
Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Critical
Unreviewed
CVE-2024-8889
was published
Sep 18, 2024
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS)...
Critical
Unreviewed
CVE-2024-8887
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43978
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-44004
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43976
was published
Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical
Unreviewed
CVE-2024-8956
was published
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API