GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,003
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,064
Maven 5,240
npm 3,744
NuGet 668
pip 3,424
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,038

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Sort by

Least recently updated

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed

CVE-2023-27360 was published May 3, 2024

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed

CVE-2023-30759 was published Jun 19, 2023

Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this... Moderate Unreviewed

CVE-2024-54111 was published Dec 12, 2024

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed

CVE-2023-28386 was published May 22, 2023

An attacker who can execute arbitrary Operating Systems commands, can bypass code signing... Moderate Unreviewed

CVE-2024-52548 was published Dec 3, 2024

IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a... Moderate Unreviewed

CVE-2022-33861 was published Nov 25, 2024

Affected devices beacon to eCharge cloud infrastructure asking if there are any command they... Critical Unreviewed

CVE-2024-11666 was published Nov 25, 2024

Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege... High Unreviewed

CVE-2024-8356 was published Nov 23, 2024

Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation... Critical Unreviewed

CVE-2023-4699 was published Nov 6, 2023

In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges... Moderate Unreviewed

CVE-2024-47255 was published Nov 5, 2024

In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data... Moderate Unreviewed

CVE-2024-47254 was published Nov 5, 2024

Insufficient verification of data authenticity in the configuration state machine may allow a... Low Unreviewed

CVE-2023-20570 was published Feb 13, 2024

VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to... High Unreviewed

CVE-2024-7847 was published Oct 14, 2024

The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted messages without any... Moderate Unreviewed

CVE-2024-43108 was published Sep 26, 2024

The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional... Moderate Unreviewed

CVE-2024-47123 was published Sep 26, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16... Low Unreviewed

CVE-2023-2030 was published Jan 12, 2024

An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,... Moderate Unreviewed

CVE-2023-3920 was published Sep 29, 2023

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed

CVE-2023-3663 was published Aug 3, 2023

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed

CVE-2024-3051 was published Apr 27, 2024

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the... Moderate Unreviewed

CVE-2023-6533 was published Feb 21, 2024

The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in... Moderate Unreviewed

CVE-2022-4533 was published Sep 19, 2024

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This... Moderate Unreviewed

CVE-2024-23922 was published Sep 23, 2024

IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed

CVE-2023-35906 was published Sep 5, 2023

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for... Moderate Unreviewed

CVE-2024-27244 was published May 15, 2024

The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in... Moderate Unreviewed

CVE-2022-4539 was published Aug 31, 2024

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories