GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
93,859 advisories
Filter by severity
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6...
High
Unreviewed
CVE-2024-12867
was published
Dec 20, 2024
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting...
High
Unreviewed
CVE-2024-10385
was published
Dec 20, 2024
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute...
High
Unreviewed
CVE-2024-12677
was published
Dec 20, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
could be vulnerable...
High
Unreviewed
CVE-2024-40695
was published
Dec 20, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1....
High
Unreviewed
CVE-2024-44195
was published
Dec 20, 2024
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44211
was published
Dec 20, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
High
Unreviewed
CVE-2024-44231
was published
Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful...
High
Unreviewed
CVE-2022-32144
was published
Dec 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful...
High
Unreviewed
CVE-2022-32204
was published
Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-34159
was published
Dec 20, 2024
Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This...
High
Unreviewed
CVE-2024-12832
was published
Dec 20, 2024
A denial-of-service issue was addressed with improved input validation. This issue is fixed in...
High
Unreviewed
CVE-2024-54538
was published
Dec 20, 2024
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-12829
was published
Dec 20, 2024
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-12830
was published
Dec 20, 2024
There is an unrestricted file upload vulnerability where it is possible for an authenticated user...
High
Unreviewed
CVE-2024-12700
was published
Dec 20, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat...
High
Unreviewed
CVE-2024-11157
was published
Dec 19, 2024
Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena®...
High
Unreviewed
CVE-2024-12175
was published
Dec 19, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat...
High
Unreviewed
CVE-2024-12672
was published
Dec 19, 2024
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code...
High
Unreviewed
CVE-2024-12729
was published
Dec 19, 2024
Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation...
High
Unreviewed
CVE-2024-11364
was published
Dec 19, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged...
High
Unreviewed
CVE-2024-12111
was published
Dec 19, 2024
A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol...
High
Unreviewed
CVE-2023-7005
was published
Dec 19, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system...
High
Unreviewed
CVE-2024-9154
was published
Dec 19, 2024
A use after free in Fortinet FortiManager, FortiAnalyzer allows attacker to execute unauthorized...
High
Unreviewed
CVE-2021-32589
was published
Dec 19, 2024
A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3...
High
Unreviewed
CVE-2024-12786
was published
Dec 19, 2024
ProTip!
Advisories are also available from the
GraphQL API