GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,618
NuGet: 638
pip: 3,231
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
104,301 advisories
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin...
Moderate | Unreviewed | CVE-2024-44798 was published Sep 13, 2024

Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability...
Moderate | Unreviewed | CVE-2024-44685 was published Sep 13, 2024

In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay...
Moderate | Unreviewed | CVE-2024-5689 was published Jun 11, 2024

SquaredUp DS for SCOM 6.2.1.11104 allows XSS.
Moderate | Unreviewed | CVE-2024-45180 was published Sep 3, 2024

Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier...
Moderate | Unreviewed | CVE-2024-45429 was published Sep 5, 2024

A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked...
Moderate | Unreviewed | CVE-2023-3750 was published Jul 24, 2023

A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0....
Moderate | Unreviewed | CVE-2024-8784 was published Sep 13, 2024

A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16....
Moderate | Unreviewed | CVE-2024-8783 was published Sep 13, 2024

A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to...
Moderate | Unreviewed | CVE-2024-20503 was published Sep 4, 2024

IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to...
Moderate | Unreviewed | CVE-2024-40680 was published Sep 7, 2024

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
Moderate | Unreviewed | CVE-2024-7890 was published Sep 12, 2024

An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate | Unreviewed | CVE-2024-5623 was published Aug 29, 2024

Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may...
Moderate | Unreviewed | CVE-2024-5624 was published Aug 29, 2024

After Effects versions 23.6.6, 24.5 and earlier are affected by a Stack-based Buffer Overflow...
Moderate | Unreviewed | CVE-2024-41867 was published Sep 13, 2024

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.
Moderate | Unreviewed | CVE-2024-6702 was published Sep 12, 2024

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink: Fix...
Moderate | Unreviewed | CVE-2024-46693 was published Sep 13, 2024

Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
Moderate | Unreviewed | CVE-2024-46046 was published Sep 13, 2024

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation...
Moderate | Unreviewed | CVE-2024-7864 was published Sep 13, 2024

Tenda CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the frmL7PlotForm function.
Moderate | Unreviewed | CVE-2024-46045 was published Sep 13, 2024

An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to...
Moderate | Unreviewed | CVE-2024-41629 was published Sep 12, 2024

Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
Moderate | Unreviewed | CVE-2024-46047 was published Sep 13, 2024

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Mark...
Moderate | Unreviewed | CVE-2024-46692 was published Sep 13, 2024

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move...
Moderate | Unreviewed | CVE-2024-46691 was published Sep 13, 2024

In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL...
Moderate | Unreviewed | CVE-2024-46677 was published Sep 13, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock...
Moderate | Unreviewed | CVE-2024-45019 was published Sep 11, 2024

ProTip! Advisories are also available from the GraphQL API.