GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
101,354 advisories
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat...
High | Unreviewed | CVE-2024-12672 was published on Dec 19, 2024
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code...
High | Unreviewed | CVE-2024-12729 was published on Dec 19, 2024
Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation...
High | Unreviewed | CVE-2024-11364 was published on Dec 19, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat...
High | Unreviewed | CVE-2024-11157 was published on Dec 19, 2024
Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena®...
High | Unreviewed | CVE-2024-12175 was published on Dec 19, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged...
High | Unreviewed | CVE-2024-12111 was published on Dec 19, 2024
Spring Framework Path Traversal vulnerability
High | CVE-2024-38819 was published for org.springframework:spring-webflux (Maven) on Dec 19, 2024
A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol...
High | Unreviewed | CVE-2023-7005 was published on Dec 19, 2024
A code injection vulnerability in HMS Networks Ewon Flexy 205 allows executing commands on system...
High | Unreviewed | CVE-2024-9154 was published on Dec 19, 2024
A use after free in Fortinet FortiManager, FortiAnalyzer allows attacker to execute unauthorized...
High | Unreviewed | CVE-2021-32589 was published on Dec 19, 2024
A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3...
High | Unreviewed | CVE-2024-12786 was published on Dec 19, 2024
Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS
High | Unreviewed | CVE-2024-47093 was published on Dec 19, 2024
OpenShift Must Gather Operator Improper Input Validation vulnerability
High | CVE-2024-25131 was published for github.com/openshift/must-gather (Go) on Dec 19, 2024
A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System...
High | Unreviewed | CVE-2024-54790 was published on Dec 19, 2024
WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service
High | GHSA-5pf6-cq2v-23ww was published for github.com/clidey/whodb/core (Go) on Dec 19, 2024
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
High | CVE-2024-56327 was published for pyrage (pip) on Dec 19, 2024
Astro's server source code is exposed to the public if sourcemaps are enabled
High | CVE-2024-56159 was published for astro (npm) on Dec 19, 2024
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux...
High | Unreviewed | CVE-2020-15934 was published on Dec 19, 2024
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line...
High | Unreviewed | CVE-2021-26115 was published on Dec 19, 2024
An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and...
High | Unreviewed | CVE-2021-26093 was published on Dec 19, 2024
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows...
High | Unreviewed | CVE-2024-4230 was published on Dec 19, 2024
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00...
High | Unreviewed | CVE-2024-4229 was published on Dec 19, 2024
The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in...
High | Unreviewed | CVE-2024-11740 was published on Dec 19, 2024
Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command (...
High | Unreviewed | CVE-2024-51532 was published on Dec 19, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High | Unreviewed | CVE-2024-35141 was published on Dec 19, 2024
ProTip! Advisories are also available from the GraphQL API.