Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103,266 advisories

Loading
A vulnerability in Veeam Backup & Replication allows low-privileged users to leak all saved... High Unreviewed
CVE-2024-42451 was published Dec 4, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent... High Unreviewed
CVE-2024-42452 was published Dec 4, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting... High Unreviewed
CVE-2024-42455 was published Dec 4, 2024
From the VSPC management agent machine, under condition that the management agent is authorized... High Unreviewed
CVE-2024-42449 was published Dec 4, 2024
An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their... High Unreviewed
CVE-2024-46624 was published Dec 4, 2024
An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of... High Unreviewed
CVE-2024-46625 was published Dec 4, 2024
An issue was discovered in Centreon centreon-bam 24.04, 23.10, 23.04, and 22.10. SQL injection... High Unreviewed
CVE-2024-45757 was published Dec 3, 2024
An issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote... High Unreviewed
CVE-2024-51114 was published Dec 3, 2024
An issue in aedes v0.51.2 allows attackers to cause a Denial of Service(DoS) via a crafted request. High Unreviewed
CVE-2024-48080 was published Dec 3, 2024
A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management... High Unreviewed
CVE-2024-51771 was published Dec 3, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to... High Unreviewed
CVE-2024-12053 was published Dec 3, 2024
An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port... High Unreviewed
CVE-2024-52547 was published Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not... High Unreviewed
CVE-2024-40691 was published Dec 3, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 contains hard-coded credentials, such as a... High Unreviewed
CVE-2024-41777 was published Dec 3, 2024
An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker... High Unreviewed
CVE-2024-29404 was published Dec 3, 2024
Open62541 v1.4.6 is has an assertion failure in fuzz_binary_decode, which leads to a crash. High Unreviewed
CVE-2024-53429 was published Dec 3, 2024
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is... High Unreviewed
CVE-2024-10074 was published Dec 3, 2024
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed
CVE-2024-11391 was published Dec 3, 2024
Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key... High Unreviewed
CVE-2024-42422 was published Dec 3, 2024
Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of... High Unreviewed
CVE-2024-47476 was published Dec 3, 2024
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to... High Unreviewed
CVE-2024-49415 was published Dec 3, 2024
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1... High Unreviewed
CVE-2024-49413 was published Dec 3, 2024
Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in... High Unreviewed
CVE-2024-49420 was published Dec 3, 2024
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic... High Unreviewed
CVE-2024-9200 was published Dec 3, 2024
A buffer overflow vulnerability in the packet parser of the third-party library "libclinkc" in... High Unreviewed
CVE-2024-8748 was published Dec 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database