GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
86,754 advisories
Filter by severity
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2021-33633
was published
Mar 23, 2024
The "BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages" plugin for...
High
Unreviewed
CVE-2024-2025
was published
Mar 23, 2024
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)...
High
Unreviewed
CVE-2023-52161
was published
Feb 22, 2024
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets...
High
Unreviewed
CVE-2023-3966
was published
Feb 22, 2024
A vulnerability was found in Matthias-Wandel jhead 3.08 and classified as critical. This issue...
High
Unreviewed
CVE-2024-2824
was published
Mar 22, 2024
This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other...
High
Unreviewed
CVE-2024-2228
was published
Mar 22, 2024
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to...
High
Unreviewed
CVE-2024-2725
was published
Mar 22, 2024
An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI...
High
Unreviewed
CVE-2024-2448
was published
Mar 22, 2024
A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for...
High
Unreviewed
CVE-2024-2449
was published
Mar 22, 2024
Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and...
High
Unreviewed
CVE-2024-0638
was published
Mar 22, 2024
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack...
High
Unreviewed
CVE-2024-1848
was published
Mar 22, 2024
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent...
High
Unreviewed
CVE-2024-28824
was published
Mar 22, 2024
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue...
High
Unreviewed
CVE-2024-2814
was published
Mar 22, 2024
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This...
High
Unreviewed
CVE-2024-2813
was published
Mar 22, 2024
A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is...
High
Unreviewed
CVE-2024-2815
was published
Mar 22, 2024
A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03...
High
Unreviewed
CVE-2024-2809
was published
Mar 22, 2024
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as...
High
Unreviewed
CVE-2024-2810
was published
Mar 22, 2024
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03...
High
Unreviewed
CVE-2024-2808
was published
Mar 22, 2024
A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by...
High
Unreviewed
CVE-2024-2811
was published
Mar 22, 2024
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This...
High
Unreviewed
CVE-2024-2807
was published
Mar 22, 2024
A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi....
High
Unreviewed
CVE-2024-2806
was published
Mar 22, 2024
EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS...
High
Unreviewed
CVE-2023-45234
was published
Jan 16, 2024
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate...
High
Unreviewed
CVE-2023-43318
was published
Mar 6, 2024
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC S7-PM (All versions)...
High
Unreviewed
CVE-2023-25910
was published
Jun 13, 2023
Zoho ManageEngine ADManager Plus through 7186 is vulnerable to 2FA bypass.
High
Unreviewed
CVE-2023-35785
was published
Aug 28, 2023
ProTip!
Advisories are also available from the
GraphQL API