Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

30,221 advisories

Loading
Backdoor in api-res-py Critical
CVE-2022-31313 was published for api-res-py (pip) Jun 9, 2022
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9479 was published Nov 20, 2024
D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in... Critical Unreviewed
CVE-2024-52759 was published Nov 19, 2024
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function ... Critical Unreviewed
CVE-2024-52714 was published Nov 19, 2024
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out... Critical Unreviewed
CVE-2018-9478 was published Nov 20, 2024
Grafana plugin SDK Information Leakage Critical
CVE-2024-8986 was published for github.com/grafana/grafana-plugin-sdk-go (Go) Sep 19, 2024
.NET Remote Code Execution Vulnerability Critical
CVE-2024-43498 was published for System.Formats.Nrbf (NuGet) Nov 12, 2024
matt-phylum Credited to matt-phylum
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing... Critical Unreviewed
CVE-2018-9341 was published Nov 19, 2024
A SQL injection vulnerability in /model/update_exam.php in Campcodes Complete Web-Based School... Critical Unreviewed
CVE-2024-34932 was published May 23, 2024
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of... Critical Unreviewed
CVE-2024-10094 was published Nov 20, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11314 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11315 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11311 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11313 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of... Critical Unreviewed
CVE-2024-11312 was published Nov 18, 2024
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of... Critical Unreviewed
CVE-2024-50636 was published Nov 12, 2024
The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is... Critical Unreviewed
CVE-2024-42450 was published Nov 19, 2024
Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter. Critical Unreviewed
CVE-2024-44546 was published Nov 11, 2024
SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter. Critical Unreviewed
CVE-2024-25254 was published Nov 12, 2024
An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in... Critical Unreviewed
CVE-2021-35473 was published Nov 11, 2024
An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate... Critical Unreviewed
CVE-2023-29381 was published Jul 6, 2023
An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2023-29382 was published Jul 6, 2023
xalpha vulnerable to Remote Code Execution Critical
CVE-2023-37659 was published for xalpha (pip) Jul 11, 2023
Zope Object Database (ZODB) Arbitrary files reading and deletion Critical
CVE-2009-2701 was published for zodb3 (pip) May 2, 2022
Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers Critical
CVE-2009-0668 was published for ZODB3 (pip) May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database