GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,250
Composer 4,350
Erlang 31
GitHub Actions 22
Go 2,119
Maven 5,292
npm 3,778
NuGet 680
pip 3,459
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,747

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

527 advisories

Filter by severity

Sort by

Least recently updated

A code injection vulnerability that permits a low-privileged user to upload arbitrary files to... Critical Unreviewed

CVE-2024-39714 was published Sep 7, 2024

D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2024-45623 was published Sep 2, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41369 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41368 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41361 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41366 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41364 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-41367 was published Aug 29, 2024

HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code... Critical Unreviewed

CVE-2024-7720 was published Aug 27, 2024

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling... Critical Unreviewed

CVE-2024-45321 was published Aug 27, 2024

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and... Critical Unreviewed

CVE-2024-6386 was published Aug 21, 2024

A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15... Critical Unreviewed

CVE-2024-42634 was published Aug 16, 2024

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to... Critical Unreviewed

CVE-2024-41623 was published Aug 13, 2024

A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML... Critical Unreviewed

CVE-2024-37287 was published Aug 13, 2024

The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-7094 was published Aug 13, 2024

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-41651 was published Aug 12, 2024

An administrator with restricted permissions can exploit the script execution functionality... Critical Unreviewed

CVE-2024-22116 was published Aug 12, 2024

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to... Critical Unreviewed

CVE-2024-42393 was published Aug 6, 2024

Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v... Critical Unreviewed

CVE-2024-40530 was published Aug 5, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-41468 was published Jul 26, 2024

An issue in Intelight X-1L Traffic controller Maxtime v.1.9.6 allows a remote attacker to execute... Critical Unreviewed

CVE-2024-38944 was published Jul 22, 2024

All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ... Critical Unreviewed

CVE-2024-21552 was published Jul 22, 2024

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21_D240126 was discovered to contain a... Critical Unreviewed

CVE-2024-39962 was published Jul 19, 2024

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the... Critical Unreviewed

CVE-2024-36456 was published Jul 15, 2024

An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The... Critical Unreviewed

CVE-2024-25077 was published Jul 10, 2024

Previous 1 2 3 4 5 6 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

527 advisories