GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
318 advisories
Filter by severity
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
High
Unreviewed
CVE-2024-50572
was published
Nov 12, 2024
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to...
High
Unreviewed
CVE-2024-43388
was published
Sep 10, 2024
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable...
High
Unreviewed
CVE-2024-6331
was published
Aug 4, 2024
modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run...
High
Unreviewed
CVE-2023-46304
was published
Apr 30, 2024
This vulnerability allows an already authenticated admin user to create a malicious payload that...
High
Unreviewed
CVE-2024-1882
was published
Mar 14, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23268
was published
Mar 8, 2024
An injection issue was addressed with improved input validation. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-23274
was published
Mar 8, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
High
Unreviewed
CVE-2024-22319
was published
Feb 2, 2024
An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0...
High
Unreviewed
CVE-2023-51939
was published
Feb 1, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High
Unreviewed
CVE-2023-42136
was published
Jan 15, 2024
PAX A920 device allows to downgrade bootloader due to a bug in its version check. The signature...
High
Unreviewed
CVE-2023-4818
was published
Jan 15, 2024
The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter...
High
Unreviewed
CVE-2023-29050
was published
Jan 8, 2024
Mattermost version 2.10.0 and earlier fails to sanitize deeplink paths, which allows an attacker...
High
Unreviewed
CVE-2023-7114
was published
Dec 29, 2023
On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication...
High
Unreviewed
CVE-2023-49328
was published
Dec 25, 2023
An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting...
High
Unreviewed
CVE-2023-49964
was published
Dec 11, 2023
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the...
High
Unreviewed
CVE-2023-48826
was published
Dec 7, 2023
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
High
Unreviewed
CVE-2023-48835
was published
Dec 7, 2023
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export.
High
Unreviewed
CVE-2023-48830
was published
Dec 7, 2023
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
High
Unreviewed
CVE-2023-48841
was published
Dec 7, 2023
An issue in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive...
High
Unreviewed
CVE-2023-48199
was published
Nov 16, 2023
Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may...
High
Unreviewed
CVE-2023-44109
was published
Oct 11, 2023
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a...
High
Unreviewed
CVE-2023-3665
was published
Oct 4, 2023
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that...
High
Unreviewed
CVE-2023-43835
was published
Oct 2, 2023
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname...
High
Unreviewed
CVE-2023-41580
was published
Oct 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,...
High
Unreviewed
CVE-2023-3922
was published
Sep 29, 2023
ProTip!
Advisories are also available from the
GraphQL API