GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,542

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,099 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in... High Unreviewed

CVE-2024-56086 was published Dec 16, 2024

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while... Moderate Unreviewed

CVE-2024-56087 was published Dec 16, 2024

An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while... Moderate Unreviewed

CVE-2024-56085 was published Dec 16, 2024

An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can... High Unreviewed

CVE-2024-56084 was published Dec 16, 2024

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed

CVE-2024-55956 was published Dec 13, 2024

Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a... High Unreviewed

CVE-2024-53290 was published Dec 11, 2024

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has... Moderate Unreviewed

CVE-2024-11652 was published Dec 11, 2024

A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has... Moderate Unreviewed

CVE-2024-11651 was published Dec 11, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11634 was published Dec 10, 2024

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11772 was published Dec 10, 2024

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ... High Unreviewed

CVE-2024-55544 was published Dec 10, 2024

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP... Critical Unreviewed

CVE-2024-55547 was published Dec 10, 2024

An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core... High Unreviewed

CVE-2024-53919 was published Dec 10, 2024

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-12358 was published Dec 9, 2024

An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If... Critical Unreviewed

CVE-2024-50388 was published Dec 6, 2024

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote... Moderate Unreviewed

CVE-2024-53672 was published Dec 3, 2024

A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management... High Unreviewed

CVE-2024-51771 was published Dec 3, 2024

An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface... Moderate Unreviewed

CVE-2024-51772 was published Dec 3, 2024

An issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote... High Unreviewed

CVE-2024-51114 was published Dec 3, 2024

An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker... High Unreviewed

CVE-2024-29404 was published Dec 3, 2024

Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for... High Unreviewed

CVE-2024-11013 was published Nov 29, 2024

An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv... Moderate Unreviewed

CVE-2024-48747 was published Nov 26, 2024

TP-Link TL-IPC42C V4.0_20211227_1.0.16 is vulnerable to command injection due to the lack of... Unknown Unreviewed

CVE-2024-48288 was published Nov 26, 2024

Arbitrary commands execution on the server by exploiting a command injection vulnerability in the... Moderate Unreviewed

CVE-2024-11320 was published Nov 26, 2024

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor... High Unreviewed

CVE-2024-38831 was published Nov 26, 2024

Previous 1 2 3 4 5 … 83 84 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,099 advisories