GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,645
Composer 4,233
Erlang 31
GitHub Actions 20
Go 1,992
Maven 5,179
npm 3,709
NuGet 661
pip 3,346
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,947

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

318 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed

CVE-2024-50572 was published Nov 12, 2024

A user controlled parameter related to SMTP test functionality is not correctly validated making... High Unreviewed

CVE-2021-31988 was published May 24, 2022

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when... High Unreviewed

CVE-2023-26130 was published May 30, 2023

Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon... High Unreviewed

CVE-2021-39128 was published May 24, 2022

PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can... High Unreviewed

CVE-2023-42136 was published Jan 15, 2024

PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature... High Unreviewed

CVE-2023-4818 was published Jan 15, 2024

Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action. High Unreviewed

CVE-2023-48841 was published Dec 7, 2023

Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account... High Unreviewed

CVE-2021-39114 was published Apr 6, 2022

An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed

CVE-2023-3922 was published Sep 29, 2023

This vulnerability allows an already authenticated admin user to create a malicious payload that... High Unreviewed

CVE-2024-1882 was published Mar 14, 2024

A low privileged remote attacker with write permissions can reconfigure the SNMP service due to... High Unreviewed

CVE-2024-43388 was published Sep 10, 2024

Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2... High Unreviewed

CVE-2023-31209 was published Aug 10, 2023

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable... High Unreviewed

CVE-2024-6331 was published Aug 4, 2024

An injection issue was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed

CVE-2024-23268 was published Mar 8, 2024

An injection issue was addressed with improved input validation. This issue is fixed in macOS... High Unreviewed

CVE-2024-23274 was published Mar 8, 2024

DrayTek Vigor2960 1.3.1_Beta; Vigor3900 1.4.4_Beta; and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1... High Unreviewed

CVE-2020-8515 was published May 24, 2022

modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run... High Unreviewed

CVE-2023-46304 was published Apr 30, 2024

By sending specific queries to the resolver, an attacker can cause named to crash. High Unreviewed

CVE-2022-3080 was published Sep 22, 2022

An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest... High Unreviewed

CVE-2023-2760 was published Jul 17, 2023

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields (to ... High Unreviewed

CVE-2019-17123 was published May 24, 2022

A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a... High Unreviewed

CVE-2023-3665 was published Oct 4, 2023

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET... High Unreviewed

CVE-2023-27533 was published Mar 30, 2023

Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that... High Unreviewed

CVE-2023-43835 was published Oct 2, 2023

Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname... High Unreviewed

CVE-2023-41580 was published Oct 2, 2023

CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to... High Unreviewed

CVE-2023-36250 was published Sep 14, 2023

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

318 advisories