Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,281 advisories

Loading
An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core... High Unreviewed
CVE-2024-53919 was published Dec 10, 2024
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to... High Unreviewed
CVE-2024-54198 was published Dec 10, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack... High Unreviewed
CVE-2024-37144 was published Dec 10, 2024
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation... High Unreviewed
CVE-2024-50627 was published Dec 10, 2024
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal... High Unreviewed
CVE-2024-50626 was published Dec 10, 2024
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload... High Unreviewed
CVE-2024-50625 was published Dec 10, 2024
An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an... High Unreviewed
CVE-2024-50628 was published Dec 10, 2024
kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... High Unreviewed
CVE-2024-54928 was published Dec 9, 2024
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows... High Unreviewed
CVE-2024-54938 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_users... High Unreviewed
CVE-2024-54927 was published Dec 9, 2024
A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3... High Unreviewed
CVE-2024-46547 was published Dec 9, 2024
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded... High Unreviewed
CVE-2024-11454 was published Dec 9, 2024
A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause... High Unreviewed
CVE-2024-11608 was published Dec 9, 2024
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information. High Unreviewed
CVE-2024-40582 was published Dec 9, 2024
A SQL Injection vulnerability was found in /search_class.php of kashipara E-learning Management... High Unreviewed
CVE-2024-54926 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... High Unreviewed
CVE-2024-54933 was published Dec 9, 2024
A SQL Injection was found in /lms/admin/edit_user.php of kashipara E-learning Management System... High Unreviewed
CVE-2024-54922 was published Dec 9, 2024
Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... High Unreviewed
CVE-2024-54930 was published Dec 9, 2024
RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized... High Unreviewed
CVE-2024-53450 was published Dec 9, 2024
Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control... High Unreviewed
CVE-2024-49600 was published Dec 9, 2024
KASHIPARA E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... High Unreviewed
CVE-2024-54929 was published Dec 9, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-53790 was published Dec 9, 2024
Missing Authorization vulnerability in MultiVendorX WC Marketplace allows Exploiting Incorrectly... High Unreviewed
CVE-2023-51355 was published Dec 9, 2024
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2024-54225 was published Dec 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database