GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,134
Composer 4,333
Erlang 31
GitHub Actions 21
Go 2,094
Maven 5,262
npm 3,757
NuGet 678
pip 3,444
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,285

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

24,366 advisories

Filter by severity

Sort by

Least recently updated

The mqlink.elf is service component in Ruijie RG-EW300N with firmware ReyeeOS 1.300.1422 is... Critical Unreviewed

CVE-2024-42936 was published Jan 21, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-27112 was published Jan 22, 2025

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit... Critical Unreviewed

CVE-2024-24421 was published Jan 22, 2025

pearProjectApi v2.8.10 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2023-27113 was published Jan 22, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification... Critical Unreviewed

CVE-2024-57482 was published Jan 15, 2025

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification... Critical Unreviewed

CVE-2024-57471 was published Jan 15, 2025

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file... Critical Unreviewed

CVE-2024-48760 was published Jan 15, 2025

Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. Critical Unreviewed

CVE-2024-55959 was published Jan 21, 2025

The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for... Critical Unreviewed

CVE-2024-53931 was published Jan 7, 2025

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Critical Unreviewed

CVE-2024-0390 was published Feb 15, 2024

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection... Critical Unreviewed

CVE-2023-32462 was published Feb 15, 2024

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8... Critical Unreviewed

CVE-2018-11138 was published May 13, 2022

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free... Critical Unreviewed

CVE-2018-15982 was published May 14, 2022

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host... Critical Unreviewed

CVE-2018-10562 was published May 13, 2022

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files... Critical Unreviewed

CVE-2018-14847 was published May 14, 2022

ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An... Critical Unreviewed

CVE-2024-52329 was published Jan 23, 2025

ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated... Critical Unreviewed

CVE-2024-52330 was published Jan 23, 2025

It has been found that the Beta10 software does not provide for proper authorisation control in... Critical Unreviewed

CVE-2025-0637 was published Jan 23, 2025

Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client... Critical Unreviewed

CVE-2024-46505 was published Jan 9, 2025

The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme)... Critical Unreviewed

CVE-2024-53932 was published Jan 7, 2025

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication... Critical Unreviewed

CVE-2018-10561 was published May 14, 2022

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This... Critical Unreviewed

CVE-2018-4878 was published May 13, 2022

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20... Critical Unreviewed

CVE-2016-0984 was published May 17, 2022

Pre-authentication deserialization of untrusted data vulnerability has been identified in the... Critical Unreviewed

CVE-2025-23006 was published Jan 23, 2025

An issue was identified in Fleet Server where Fleet policies that could contain sensitive... Critical Unreviewed

CVE-2024-52975 was published Jan 23, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,366 advisories