GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,912
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,045
Maven 5,228
npm 3,737
NuGet 663
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,289

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20,899 advisories

Filter by severity

Sort by

Least recently updated

Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php`... Critical Unreviewed

CVE-2024-53480 was published Dec 10, 2024

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting ... Critical Unreviewed

CVE-2024-54032 was published Dec 10, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11634 was published Dec 10, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated... Critical Unreviewed

CVE-2024-11633 was published Dec 10, 2024

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11639 was published Dec 10, 2024

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11772 was published Dec 10, 2024

SQL injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11773 was published Dec 10, 2024

An issue in the BYD Dilink Headunit System v3.0 to v4.0 allows attackers to bypass authentication... Critical Unreviewed

CVE-2024-46442 was published Dec 10, 2024

MOBATIME Network Master Clock - DTS 4801 allows attackers to use SSH to gain initial access using... Critical Unreviewed

CVE-2024-12286 was published Dec 10, 2024

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP... Critical Unreviewed

CVE-2024-55547 was published Dec 10, 2024

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed

CVE-2024-45494 was published Dec 10, 2024

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed

CVE-2024-45493 was published Dec 10, 2024

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-54751 was published Dec 10, 2024

Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on A77, A78, A78C,... Critical Unreviewed

CVE-2024-5660 was published Dec 10, 2024

CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account... Critical Unreviewed

CVE-2024-53552 was published Dec 10, 2024

Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack... Critical Unreviewed

CVE-2024-37143 was published Dec 10, 2024

Adobe Document Service allows an attacker with administrator privileges to send a crafted request... Critical Unreviewed

CVE-2024-47578 was published Dec 10, 2024

A SQL Injection vulnerability was found in /admin/edit_teacher.php in kashipara E-learning... Critical Unreviewed

CVE-2024-54923 was published Dec 9, 2024

A SQL Injection was found in /student_signup.php in kashipara E-learning Management System v1.0,... Critical Unreviewed

CVE-2024-54921 was published Dec 9, 2024

A SQL Injection was found in /admin/edit_content.php in kashipara E-learning Management System v1... Critical Unreviewed

CVE-2024-54924 was published Dec 9, 2024

A SQL Injection was found in /admin/delete_event.php in kashipara E-learning Management System v1... Critical Unreviewed

CVE-2024-54931 was published Dec 9, 2024

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin... Critical Unreviewed

CVE-2024-54932 was published Dec 9, 2024

A SQL Injection was found in /remove_sent_message.php in kashipara E-learning Management System... Critical Unreviewed

CVE-2024-54925 was published Dec 9, 2024

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_class... Critical Unreviewed

CVE-2024-54934 was published Dec 9, 2024

Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a... Critical Unreviewed

CVE-2024-48956 was published Dec 9, 2024

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

20,899 advisories