GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,678
Composer 4,237
Erlang 31
GitHub Actions 20
Go 1,998
Maven 5,182
npm 3,710
NuGet 661
pip 3,364
Pub 11
RubyGems 885
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 235,068

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

255,746 advisories

Filter by severity

Sort by

Least recently updated

In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from... Moderate Unreviewed

CVE-2024-34742 was published Aug 16, 2024

An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows... High Unreviewed

CVE-2024-50955 was published Nov 14, 2024

The login form of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.283.4) at /Apps... Moderate Unreviewed

CVE-2024-45876 was published Nov 13, 2024

The create user function in baltic-it TOPqw Webportal 1.35.287.1 (fixed in version1.35.291), in ... Moderate Unreviewed

CVE-2024-45875 was published Nov 13, 2024

java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain... Moderate Unreviewed

CVE-2024-50651 was published Nov 15, 2024

The "Stammdaten" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in ... Moderate Unreviewed

CVE-2024-45878 was published Nov 13, 2024

The file upload function in the "QWKalkulation" tool of baltic-it TOPqw Webportal v1.35.287.1 ... Moderate Unreviewed

CVE-2024-45879 was published Nov 13, 2024

Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network... Moderate Unreviewed

CVE-2024-39290 was published Nov 22, 2024

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System... Moderate Unreviewed

CVE-2024-45837 was published Nov 22, 2024

Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows... High Unreviewed

CVE-2024-52053 was published Nov 22, 2024

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an... Moderate Unreviewed

CVE-2024-52054 was published Nov 22, 2024

Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager... Critical Unreviewed

CVE-2024-52052 was published Nov 22, 2024

AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and... Moderate Unreviewed

CVE-2024-47142 was published Nov 22, 2024

OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent... High Unreviewed

CVE-2024-31408 was published Nov 22, 2024

Dell Edge Gateway 5200 (Coffee Lake S), versions prior to 12.0.94.2380, contains an Exposure of... Moderate Unreviewed

CVE-2024-38296 was published Nov 22, 2024

The Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO WordPress... Moderate Unreviewed

CVE-2024-10482 was published Nov 22, 2024

A cookie management issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed

CVE-2024-44309 was published Nov 20, 2024

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an... Moderate Unreviewed

CVE-2024-52056 was published Nov 22, 2024

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an... High Unreviewed

CVE-2024-52055 was published Nov 22, 2024

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or... Moderate Unreviewed

CVE-2024-10978 was published Nov 14, 2024

The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating... Moderate Unreviewed

CVE-2024-5029 was published Nov 22, 2024

The pathname of the root directory to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2024-11303 was published Nov 18, 2024

Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver... Moderate Unreviewed

CVE-2024-11304 was published Nov 18, 2024

A potential security vulnerability has been identified in the system BIOS for certain HP... High Unreviewed

CVE-2023-6138 was published Feb 15, 2024

The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions... Moderate Unreviewed

CVE-2024-5331 was published Aug 1, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

255,746 advisories