GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,510 advisories
Filter by severity
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45970
was published
Nov 15, 2024
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021,
avoid possible mbuf double...
Critical
Unreviewed
CVE-2024-10934
was published
Nov 15, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit...
Critical
Unreviewed
CVE-2024-45971
was published
Nov 15, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20036
was published
Nov 15, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an...
Critical
Unreviewed
CVE-2023-20154
was published
Nov 15, 2024
Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-10443
was published
Nov 15, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
The ventilator's microcontroller lacks memory protection. An attacker could connect to the...
Critical
Unreviewed
CVE-2024-48970
was published
Nov 15, 2024
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for...
Critical
Unreviewed
CVE-2024-48967
was published
Nov 15, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical
Unreviewed
CVE-2024-48974
was published
Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical
Unreviewed
CVE-2024-48971
was published
Nov 15, 2024
The debug port on the ventilator's serial interface is enabled by default. This could allow an...
Critical
Unreviewed
CVE-2024-48973
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Critical
Unreviewed
CVE-2024-9832
was published
Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
Critical
Unreviewed
CVE-2024-9834
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –...
Critical
Unreviewed
CVE-2024-52370
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket...
Critical
Unreviewed
CVE-2024-52369
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows...
Critical
Unreviewed
CVE-2024-52374
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager...
Critical
Unreviewed
CVE-2024-52375
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for...
Critical
Unreviewed
CVE-2024-52376
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies...
Critical
Unreviewed
CVE-2024-52379
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots,...
Critical
Unreviewed
CVE-2024-52384
was published
Nov 14, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove...
Critical
Unreviewed
CVE-2024-52393
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer...
Critical
Unreviewed
CVE-2024-52372
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API