GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,229 advisories
Filter by severity
Kieback & Peter's DDC4000 series is vulnerable to a path traversal vulnerability, which may allow...
Critical
Unreviewed
CVE-2024-41717
was published
Oct 23, 2024
Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated...
Critical
Unreviewed
CVE-2024-43698
was published
Oct 23, 2024
An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to...
Critical
Unreviewed
CVE-2024-48904
was published
Oct 22, 2024
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered....
Critical
Unreviewed
CVE-2024-9129
was published
Oct 22, 2024
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0...
Critical
Unreviewed
CVE-2024-38002
was published
Oct 22, 2024
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through...
Critical
Unreviewed
CVE-2024-8980
was published
Oct 22, 2024
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute...
Critical
Unreviewed
CVE-2024-46538
was published
Oct 22, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35286
was published
Oct 21, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35285
was published
Oct 21, 2024
A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business...
Critical
Unreviewed
CVE-2024-35314
was published
Oct 21, 2024
A Buffer Overflow vulnerabilty in the local_app_set_router_token function of Vilo 5 Mesh WiFi...
Critical
Unreviewed
CVE-2024-40083
was published
Oct 21, 2024
A Buffer Overflow in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,...
Critical
Unreviewed
CVE-2024-40084
was published
Oct 21, 2024
A Buffer Overflow vulnerability in the local_app_set_router_wifi_SSID_PWD function of Vilo 5 Mesh...
Critical
Unreviewed
CVE-2024-40086
was published
Oct 21, 2024
A Buffer Overflow vulnerability in the local_app_set_router_wan function of Vilo 5 Mesh WiFi...
Critical
Unreviewed
CVE-2024-40085
was published
Oct 21, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of...
Critical
Unreviewed
CVE-2024-40087
was published
Oct 21, 2024
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,...
Critical
Unreviewed
CVE-2024-40089
was published
Oct 21, 2024
Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application...
Critical
Unreviewed
CVE-2024-48509
was published
Oct 21, 2024
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-48659
was published
Oct 21, 2024
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab...
Critical
Unreviewed
CVE-2024-47223
was published
Oct 21, 2024
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache...
Critical
Unreviewed
CVE-2024-44000
was published
Oct 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web...
Critical
Unreviewed
CVE-2024-49610
was published
Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows...
Critical
Unreviewed
CVE-2024-49624
was published
Oct 20, 2024
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components...
Critical
Unreviewed
CVE-2024-49625
was published
Oct 20, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2024-49286
was published
Oct 20, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case...
Critical
Unreviewed
CVE-2024-49324
was published
Oct 20, 2024
ProTip!
Advisories are also available from the
GraphQL API