GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,128
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,024
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
103,276 advisories
NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker...
High | Unreviewed | CVE-2024-0130 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to...
High | Unreviewed | CVE-2024-47791 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism...
High | Unreviewed | CVE-2024-45722 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could...
High | Unreviewed | CVE-2024-42494 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to...
High | Unreviewed | CVE-2024-47043 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could...
High | Unreviewed | CVE-2024-51727 was published Dec 6, 2024

Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc...
High | Unreviewed | CVE-2024-54749 was published Dec 6, 2024

A local low-level user on the server machine with credentials to the running OAS services can...
High | Unreviewed | CVE-2024-11220 was published Dec 6, 2024

A command injection vulnerability has been reported to affect several QNAP operating system...
High | Unreviewed | CVE-2024-50393 was published Dec 6, 2024

A command injection vulnerability has been reported to affect License Center. If exploited, the...
High | Unreviewed | CVE-2024-48863 was published Dec 6, 2024

A link following vulnerability has been reported to affect several QNAP operating system versions...
High | Unreviewed | CVE-2024-53691 was published Dec 6, 2024

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-48868 was published Dec 6, 2024

Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not ...
High | Unreviewed | CVE-2024-12254 was published Dec 6, 2024

An improper certificate validation vulnerability has been reported to affect several QNAP...
High | Unreviewed | CVE-2024-48865 was published Dec 6, 2024

Path Traversal vulnerability in NotFound ARForms allows Path Traversal. This issue affects ARForms...
High | Unreviewed | CVE-2024-54216 was published Dec 6, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-54209 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53815 was published Dec 6, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2024-53824 was published Dec 6, 2024

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows...
High | Unreviewed | CVE-2024-53804 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53807 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53817 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-53808 was published Dec 6, 2024

Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly...
High | Unreviewed | CVE-2024-53805 was published Dec 6, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request...
High | Unreviewed | CVE-2024-54205 was published Dec 6, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2024-53812 was published Dec 6, 2024
ProTip! Advisories are also available from the GraphQL API.