Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

23,703 advisories

Loading
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2024-8807 was published Nov 22, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2024-8806 was published Nov 22, 2024
Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2024-6246 was published Nov 22, 2024
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-52333 was published Nov 22, 2024
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-51644 was published Nov 22, 2024
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51642 was published Nov 22, 2024
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51641 was published Nov 22, 2024
An OS command injection vulnerability has been reported to affect several product versions. If... Critical Unreviewed
CVE-2024-48860 was published Nov 22, 2024
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This... Critical Unreviewed
CVE-2023-51639 was published Nov 22, 2024
A missing authentication for critical function vulnerability has been reported to affect Notes... Critical Unreviewed
CVE-2024-38643 was published Nov 22, 2024
A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3.... Critical Unreviewed
CVE-2024-38645 was published Nov 22, 2024
Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows... Critical Unreviewed
CVE-2023-51638 was published Nov 22, 2024
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function... Critical Unreviewed
CVE-2024-51151 was published Nov 22, 2024
IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote... Critical Unreviewed
CVE-2024-41779 was published Nov 22, 2024
Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager... Critical Unreviewed
CVE-2024-52052 was published Nov 22, 2024
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm... Critical Unreviewed
CVE-2024-52765 was published Nov 20, 2024
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common... Critical Unreviewed
CVE-2024-52677 was published Nov 20, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9478 was published Nov 20, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9479 was published Nov 20, 2024
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to... Critical Unreviewed
CVE-2018-9471 was published Nov 20, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. Critical Unreviewed
CVE-2024-51162 was published Nov 20, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed
CVE-2024-10094 was published Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9478 was published Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9479 was published Nov 20, 2024
Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object... Critical Unreviewed
CVE-2024-52439 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database