GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,582 advisories
Filter by severity
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2024-45139
was published
Oct 9, 2024
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2024-45143
was published
Oct 9, 2024
A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3...
High
Unreviewed
CVE-2024-10101
was published
Oct 17, 2024
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1...
High
Unreviewed
CVE-2017-18113
was published
May 24, 2022
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9981
was published
Oct 15, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to...
High
Unreviewed
CVE-2024-47962
was published
Oct 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a...
High
Unreviewed
CVE-2024-47963
was published
Oct 10, 2024
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An...
High
Unreviewed
CVE-2024-47966
was published
Oct 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to...
High
Unreviewed
CVE-2024-47964
was published
Oct 10, 2024
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a...
High
Unreviewed
CVE-2024-47965
was published
Oct 10, 2024
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based...
High
Unreviewed
CVE-2024-7994
was published
Oct 17, 2024
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds...
High
Unreviewed
CVE-2024-7993
was published
Oct 17, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A
...
High
Unreviewed
CVE-2024-38814
was published
Oct 16, 2024
This vulnerability exists in the Shilpi Client Dashboard due to improper validation of files...
High
Unreviewed
CVE-2024-47655
was published
Oct 4, 2024
The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to authorization...
High
Unreviewed
CVE-2020-36840
was published
Oct 16, 2024
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF...
High
Unreviewed
CVE-2024-45693
was published
Oct 16, 2024
The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in...
High
Unreviewed
CVE-2021-4444
was published
Oct 16, 2024
The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
High
Unreviewed
CVE-2020-36839
was published
Oct 16, 2024
The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability...
High
Unreviewed
CVE-2019-25214
was published
Oct 16, 2024
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious...
High
Unreviewed
CVE-2024-9467
was published
Oct 9, 2024
Issue summary: The POLY1305 MAC (message authentication code) implementation
contains a bug that...
High
Unreviewed
CVE-2023-4807
was published
Sep 8, 2023
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to...
High
Unreviewed
CVE-2024-7847
was published
Oct 14, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High
Unreviewed
CVE-2023-42137
was published
Jan 15, 2024
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2024-47417
was published
Oct 9, 2024
ProTip!
Advisories are also available from the
GraphQL API