Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,510 advisories

Loading
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit... Critical Unreviewed
CVE-2024-45970 was published Nov 15, 2024
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double... Critical Unreviewed
CVE-2024-10934 was published Nov 15, 2024
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit... Critical Unreviewed
CVE-2024-45971 was published Nov 15, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to... Critical Unreviewed
CVE-2023-20036 was published Nov 15, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an... Critical Unreviewed
CVE-2023-20154 was published Nov 15, 2024
Improper neutralization of special elements used in a command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-10443 was published Nov 15, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to... Critical Unreviewed
CVE-2024-10924 was published Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote... Critical Unreviewed
CVE-2024-11120 was published Nov 15, 2024
The ventilator's microcontroller lacks memory protection. An attacker could connect to the... Critical Unreviewed
CVE-2024-48970 was published Nov 15, 2024
The debug port on the ventilator's serial interface is enabled by default. This could allow an... Critical Unreviewed
CVE-2024-48973 was published Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in... Critical Unreviewed
CVE-2024-48971 was published Nov 15, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This... Critical Unreviewed
CVE-2024-48974 was published Nov 15, 2024
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for... Critical Unreviewed
CVE-2024-48967 was published Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support... Critical Unreviewed
CVE-2024-48966 was published Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or... Critical Unreviewed
CVE-2024-9832 was published Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and... Critical Unreviewed
CVE-2024-9834 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –... Critical Unreviewed
CVE-2024-52370 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket... Critical Unreviewed
CVE-2024-52369 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator... Critical Unreviewed
CVE-2024-52377 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for... Critical Unreviewed
CVE-2024-52376 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery... Critical Unreviewed
CVE-2024-52373 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer... Critical Unreviewed
CVE-2024-52372 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize... Critical Unreviewed
CVE-2024-52380 was published Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots,... Critical Unreviewed
CVE-2024-52384 was published Nov 14, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege... Critical Unreviewed
CVE-2024-52382 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database