GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,086 advisories
Filter by severity
Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are...
High
Unreviewed
CVE-2024-21536
was published
Oct 19, 2024
A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability...
High
Unreviewed
CVE-2024-10130
was published
Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29821
was published
Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29213
was published
Oct 19, 2024
Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-33453
was published
Oct 18, 2024
Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote...
High
Unreviewed
CVE-2024-30875
was published
Oct 18, 2024
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by...
High
Unreviewed
CVE-2024-10123
was published
Oct 18, 2024
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of...
High
Unreviewed
CVE-2024-0755
was published
Jan 23, 2024
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code...
High
Unreviewed
CVE-2024-9593
was published
Oct 18, 2024
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2024-45143
was published
Oct 9, 2024
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2024-45139
was published
Oct 9, 2024
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered...
High
Unreviewed
CVE-2024-0229
was published
Feb 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49238
was published
Oct 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49240
was published
Oct 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49239
was published
Oct 18, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High
Unreviewed
CVE-2024-49243
was published
Oct 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49224
was published
Oct 18, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification,...
High
Unreviewed
CVE-2024-10078
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6055
was published
Oct 18, 2024
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning...
High
Unreviewed
CVE-2023-49567
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The...
High
Unreviewed
CVE-2023-6058
was published
Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-6057
was published
Oct 18, 2024
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality...
High
Unreviewed
CVE-2023-49570
was published
Oct 18, 2024
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2024-10079
was published
Oct 18, 2024
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow...
High
Unreviewed
CVE-2024-47487
was published
Oct 18, 2024
ProTip!
Advisories are also available from the
GraphQL API