Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

23,060 advisories

Loading
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive... Critical Unreviewed
CVE-2024-47088 was published Sep 19, 2024
LangChain Experimental Eval Injection vulnerability Critical
CVE-2024-46946 was published for langchain-experimental (pip) Sep 19, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46375 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46376 was published Sep 18, 2024
Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the... Critical Unreviewed
CVE-2024-46377 was published Sep 18, 2024
Buffer Overflow vulnerability in btstack mesh commit before v... Critical Unreviewed
CVE-2024-40568 was published Sep 18, 2024
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the... Critical Unreviewed
CVE-2024-46374 was published Sep 18, 2024
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x... Critical Unreviewed
CVE-2024-45523 was published Sep 18, 2024
Chaosblade vulnerable to OS command execution Critical
CVE-2023-47105 was published for github.com/chaosblade-io/chaosblade (Go) Sep 18, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An... Critical Unreviewed
CVE-2024-34399 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2024-6877 was published Sep 18, 2024
Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain... Critical Unreviewed
CVE-2024-5960 was published Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-5958 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2024-5959 was published Sep 18, 2024
Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows... Critical Unreviewed
CVE-2024-6878 was published Sep 18, 2024
A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser... Critical Unreviewed
CVE-2024-34026 was published Sep 18, 2024
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2024-44542 was published Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify... Critical Unreviewed
CVE-2024-8889 was published Sep 18, 2024
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1... Critical Unreviewed
CVE-2024-8888 was published Sep 18, 2024
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS)... Critical Unreviewed
CVE-2024-8887 was published Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-43978 was published Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-43976 was published Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-44004 was published Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed
CVE-2024-8956 was published Sep 17, 2024
hermes-management is vulnerable to RCE due to Apache commons-jxpath Critical
GHSA-2gh6-wc3m-g37f was published for pl.allegro.tech.hermes:hermes-management (Maven) Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database