GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,813
Composer 4,253
Erlang 31
GitHub Actions 21
Go 2,018
Maven 5,205
npm 3,725
NuGet 662
pip 3,402
Pub 12
RubyGems 890
Rust 861
Swift 36

Unreviewed advisories

All unreviewed 236,666

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

23,860 advisories

Filter by severity

Sort by

Least recently updated

The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local... Critical Unreviewed

CVE-2024-12209 was published Dec 8, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous... Critical Unreviewed

CVE-2024-52324 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients... Critical Unreviewed

CVE-2024-46874 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability... Critical Unreviewed

CVE-2024-48874 was published Dec 6, 2024

The affected product is vulnerable to a command injection. An unauthenticated attacker could send... Critical Unreviewed

CVE-2024-52320 was published Dec 6, 2024

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for... Critical Unreviewed

CVE-2024-47547 was published Dec 6, 2024

The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker... Critical Unreviewed

CVE-2024-48871 was published Dec 6, 2024

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow... Critical Unreviewed

CVE-2024-54750 was published Dec 6, 2024

An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If... Critical Unreviewed

CVE-2024-50388 was published Dec 6, 2024

A SQL injection vulnerability has been reported to affect several QNAP operating system versions.... Critical Unreviewed

CVE-2024-50387 was published Dec 6, 2024

A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the... Critical Unreviewed

CVE-2024-50389 was published Dec 6, 2024

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Revy allows Upload a... Critical Unreviewed

CVE-2024-54214 was published Dec 6, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-51615 was published Dec 6, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro... Critical Unreviewed

CVE-2024-51815 was published Dec 6, 2024

A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The... Critical Unreviewed

CVE-2024-52335 was published Dec 6, 2024

Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing... Critical Unreviewed

CVE-2024-53810 was published Dec 6, 2024

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of... Critical Unreviewed

CVE-2024-10773 was published Dec 6, 2024

The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that... Critical Unreviewed

CVE-2024-12155 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-38920 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-37863 was published Dec 6, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to... Critical Unreviewed

CVE-2024-37861 was published Dec 6, 2024

Default Credentail vulnerabilities allows access to an Aspect device using publicly available... Critical Unreviewed

CVE-2024-51555 was published Dec 5, 2024

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.... Critical Unreviewed

CVE-2024-51549 was published Dec 5, 2024

Username Enumeration vulnerabilities allow access to application level username add, delete,... Critical Unreviewed

CVE-2024-51545 was published Dec 5, 2024

Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized... Critical Unreviewed

CVE-2024-51550 was published Dec 5, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,860 advisories