GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,995

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

228,995 advisories

Filter by severity

Sort by

Least recently updated

HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain... Moderate Unreviewed

CVE-2024-23586 was published Sep 28, 2024

A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05... Unknown Unreviewed

CVE-2024-46453 was published Sep 27, 2024

A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by... Moderate Unreviewed

CVE-2024-9293 was published Sep 27, 2024

In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered. Moderate Unreviewed

CVE-2024-9160 was published Sep 27, 2024

Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote... High Unreviewed

CVE-2024-33369 was published Sep 27, 2024

A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to... Moderate Unreviewed

CVE-2024-9291 was published Sep 27, 2024

An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could... High Unreviewed

CVE-2024-6436 was published Sep 27, 2024

An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary... High Unreviewed

CVE-2024-33368 was published Sep 27, 2024

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an... Unknown Unreviewed

CVE-2024-46256 was published Sep 27, 2024

A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2... Unknown Unreviewed

CVE-2024-46257 was published Sep 27, 2024

mudler/localai version 2.17.1 is vulnerable to remote code execution. The vulnerability arises... High Unreviewed

CVE-2024-6983 was published Sep 27, 2024

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session... High Unreviewed

CVE-2024-39275 was published Sep 27, 2024

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical.... High Unreviewed

CVE-2024-9284 was published Sep 27, 2024

A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute... Unknown Unreviewed

CVE-2024-25412 was published Sep 27, 2024

OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform... Critical Unreviewed

CVE-2024-6981 was published Sep 27, 2024

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64... Moderate Unreviewed

CVE-2024-37187 was published Sep 27, 2024

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete... Critical Unreviewed

CVE-2024-8630 was published Sep 27, 2024

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western... Critical Unreviewed

CVE-2024-22170 was published Sep 27, 2024

Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an... High Unreviewed

CVE-2024-28948 was published Sep 27, 2024

Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests... High Unreviewed

CVE-2024-38308 was published Sep 27, 2024

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user.... High Unreviewed

CVE-2024-39364 was published Sep 27, 2024

OPW Fuel Management Systems SiteSentinel could allow an attacker to bypass authentication to the... Critical Unreviewed

CVE-2024-8310 was published Sep 27, 2024

Advantech ADAM-5630 shares user credentials plain text between the device and the user source... Moderate Unreviewed

CVE-2024-34542 was published Sep 27, 2024

A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute... Moderate Unreviewed

CVE-2024-25411 was published Sep 27, 2024

A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote... High Unreviewed

CVE-2024-46366 was published Sep 27, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

228,995 advisories