Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,301 advisories

Loading
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin... Moderate Unreviewed
CVE-2024-44798 was published Sep 13, 2024
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability... Moderate Unreviewed
CVE-2024-44685 was published Sep 13, 2024
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay... Moderate Unreviewed
CVE-2024-5689 was published Jun 11, 2024
SquaredUp DS for SCOM 6.2.1.11104 allows XSS. Moderate Unreviewed
CVE-2024-45180 was published Sep 3, 2024
Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier... Moderate Unreviewed
CVE-2024-45429 was published Sep 5, 2024
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked... Moderate Unreviewed
CVE-2023-3750 was published Jul 24, 2023
A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0.... Moderate Unreviewed
CVE-2024-8784 was published Sep 13, 2024
A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16.... Moderate Unreviewed
CVE-2024-8783 was published Sep 13, 2024
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2024-20503 was published Sep 4, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to... Moderate Unreviewed
CVE-2024-40680 was published Sep 7, 2024
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... Moderate Unreviewed
CVE-2024-7890 was published Sep 12, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may... Moderate Unreviewed
CVE-2024-5624 was published Aug 29, 2024
After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow... Moderate Unreviewed
CVE-2024-41867 was published Sep 13, 2024
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. Moderate Unreviewed
CVE-2024-6702 was published Sep 12, 2024
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix... Moderate Unreviewed
CVE-2024-46693 was published Sep 13, 2024
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function. Moderate Unreviewed
CVE-2024-46046 was published Sep 13, 2024
The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation... Moderate Unreviewed
CVE-2024-7864 was published Sep 13, 2024
Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function. Moderate Unreviewed
CVE-2024-46045 was published Sep 13, 2024
An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to... Moderate Unreviewed
CVE-2024-41629 was published Sep 12, 2024
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function. Moderate Unreviewed
CVE-2024-46047 was published Sep 13, 2024
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark... Moderate Unreviewed
CVE-2024-46692 was published Sep 13, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move... Moderate Unreviewed
CVE-2024-46691 was published Sep 13, 2024
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL... Moderate Unreviewed
CVE-2024-46677 was published Sep 13, 2024
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock... Moderate Unreviewed
CVE-2024-45019 was published Sep 11, 2024
ProTip! Advisories are also available from the GraphQL API