Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

23,703 advisories

Loading
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2024-8856 was published Nov 16, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit... Critical Unreviewed
CVE-2024-45970 was published Nov 15, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit... Critical Unreviewed
CVE-2024-45971 was published Nov 15, 2024
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double... Critical Unreviewed
CVE-2024-10934 was published Nov 15, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to... Critical Unreviewed
CVE-2023-20036 was published Nov 15, 2024
LibreNMS has an Authenticated OS Command Injection Critical
CVE-2024-51092 was published for librenms/librenms (Composer) Nov 15, 2024
mallo-m
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an... Critical Unreviewed
CVE-2023-20154 was published Nov 15, 2024
Improper neutralization of special elements used in a command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-10443 was published Nov 15, 2024
Deserialization of Untrusted Data in dompdf/dompdf Critical
CVE-2021-3838 was published for dompdf/dompdf (Composer) Nov 15, 2024
Improper Restriction of XML External Entity Reference in dompdf/dompdf Critical
CVE-2021-3902 was published for dompdf/dompdf (Composer) Nov 15, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to... Critical Unreviewed
CVE-2024-10924 was published Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote... Critical Unreviewed
CVE-2024-11120 was published Nov 15, 2024
The ventilator's microcontroller lacks memory protection. An attacker could connect to the... Critical Unreviewed
CVE-2024-48970 was published Nov 15, 2024
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for... Critical Unreviewed
CVE-2024-48967 was published Nov 15, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This... Critical Unreviewed
CVE-2024-48974 was published Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in... Critical Unreviewed
CVE-2024-48971 was published Nov 15, 2024
The debug port on the ventilator's serial interface is enabled by default. This could allow an... Critical Unreviewed
CVE-2024-48973 was published Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support... Critical Unreviewed
CVE-2024-48966 was published Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or... Critical Unreviewed
CVE-2024-9832 was published Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and... Critical Unreviewed
CVE-2024-9834 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –... Critical Unreviewed
CVE-2024-52370 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket... Critical Unreviewed
CVE-2024-52369 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows... Critical Unreviewed
CVE-2024-52374 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager... Critical Unreviewed
CVE-2024-52375 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for... Critical Unreviewed
CVE-2024-52376 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database