GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,995

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

249,130 advisories

Filter by severity

Sort by

Least recently updated

Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is... High Unreviewed

CVE-2024-3052 was published Apr 27, 2024

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed

CVE-2023-51392 was published Feb 23, 2024

Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the... Moderate Unreviewed

CVE-2023-6533 was published Feb 21, 2024

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed

CVE-2024-3051 was published Apr 27, 2024

The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-6850 was published Sep 13, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an... High Unreviewed

CVE-2024-36475 was published Jul 17, 2024

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank... Moderate Unreviewed

CVE-2024-9040 was published Sep 20, 2024

The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating... Moderate Unreviewed

CVE-2024-8093 was published Sep 17, 2024

Malformed S2 Nonce Get Command Class packets can be sent to crash PC Controller v5.54.0 and... Moderate Unreviewed

CVE-2023-6640 was published Feb 21, 2024

A denial of service vulnerability exists in all Silicon Labs Z-Wave controller and endpoint... Moderate Unreviewed

CVE-2023-5310 was published Dec 15, 2023

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed

CVE-2023-46170 was published Mar 7, 2024

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user.... High Unreviewed

CVE-2024-39364 was published Sep 27, 2024

Advantech ADAM-5630 shares user credentials plain text between the device and the user source... Moderate Unreviewed

CVE-2024-34542 was published Sep 27, 2024

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64... Moderate Unreviewed

CVE-2024-37187 was published Sep 27, 2024

A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an... Unknown Unreviewed

CVE-2024-46256 was published Sep 27, 2024

A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2... Unknown Unreviewed

CVE-2024-46257 was published Sep 27, 2024

TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML... Moderate Unreviewed

CVE-2024-45745 was published Sep 27, 2024

OPW Fuel Management Systems SiteSentinel could allow an attacker to bypass authentication to the... Critical Unreviewed

CVE-2024-8310 was published Sep 27, 2024

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session... High Unreviewed

CVE-2024-39275 was published Sep 27, 2024

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical.... High Unreviewed

CVE-2024-9284 was published Sep 27, 2024

TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with... Low Unreviewed

CVE-2024-45744 was published Sep 27, 2024

A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute... Unknown Unreviewed

CVE-2024-25412 was published Sep 27, 2024

OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform... Critical Unreviewed

CVE-2024-6981 was published Sep 27, 2024

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete... Critical Unreviewed

CVE-2024-8630 was published Sep 27, 2024

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western... Critical Unreviewed

CVE-2024-22170 was published Sep 27, 2024

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

249,130 advisories