GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,759
NuGet: 678
pip: 3,445
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
24,370 advisories
An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9,...
Critical | Unreviewed | CVE-2024-55573 was published on Jan 24, 2025

An issue was discovered in Centreon Web 24.10.x before 24.10.3, 24.04.x before 24.04.9, 23.10.x...
Critical | Unreviewed | CVE-2024-53923 was published on Jan 24, 2025

PaddlePaddle Path Traversal vulnerability
Critical | CVE-2024-0818 was published for paddlepaddle (pip) on Mar 7, 2024

Apache Wicket: An attacker can intentionally trigger a memory leak
Critical | CVE-2024-53299 was published for org.apache.wicket:wicket-core (Maven) on Jan 23, 2025

Apache RocketMQ may have remote code execution vulnerability when using update configuration function
Critical | CVE-2023-33246 was published for org.apache.rocketmq:rocketmq-broker (Maven) on Jul 6, 2023

Code execution in Apache Struts 1 plugin
Critical | CVE-2017-9791 was published for org.apache.struts:struts2-struts1-plugin (Maven) on May 13, 2022

In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access...
Critical | Unreviewed | CVE-2017-13322 was published on Jan 18, 2025

SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2024-25227 was published on Mar 15, 2024

The functionality for synchronization in HGiga OAKlouds' certain modules has an OS Command...
Critical | Unreviewed | CVE-2024-26260 was published on Feb 15, 2024

The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File...
Critical | Unreviewed | CVE-2024-26261 was published on Feb 15, 2024

An issue found in Agasio-Camera device version not specified allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-29862 was published on May 15, 2023

The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is...
Critical | Unreviewed | CVE-2024-42936 was published on Jan 21, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-27112 was published on Jan 22, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit...
Critical | Unreviewed | CVE-2024-24421 was published on Jan 22, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-27113 was published on Jan 22, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification...
Critical | Unreviewed | CVE-2024-57482 was published on Jan 15, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification...
Critical | Unreviewed | CVE-2024-57471 was published on Jan 15, 2025

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file...
Critical | Unreviewed | CVE-2024-48760 was published on Jan 15, 2025

Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
Critical | Unreviewed | CVE-2024-55959 was published on Jan 21, 2025

The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for...
Critical | Unreviewed | CVE-2024-53931 was published on Jan 7, 2025

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same...
Critical | Unreviewed | CVE-2024-0390 was published on Feb 15, 2024

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection...
Critical | Unreviewed | CVE-2023-32462 was published on Feb 15, 2024

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8...
Critical | Unreviewed | CVE-2018-11138 was published on May 13, 2022

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free...
Critical | Unreviewed | CVE-2018-15982 was published on May 14, 2022

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host...
Critical | Unreviewed | CVE-2018-10562 was published on May 13, 2022

ProTip! Advisories are also available from the GraphQL API.