GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,342 advisories
Filter by severity
Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote...
High
Unreviewed
CVE-2024-23959
was published
Sep 28, 2024
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-23923
was published
Sep 28, 2024
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-23935
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow...
High
Unreviewed
CVE-2024-23967
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code...
High
Unreviewed
CVE-2024-23957
was published
Sep 28, 2024
Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution...
High
Unreviewed
CVE-2024-23938
was published
Sep 28, 2024
The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded...
High
Unreviewed
CVE-2024-7863
was published
Sep 13, 2024
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a...
High
Unreviewed
CVE-2024-46097
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40508
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40506
was published
Sep 27, 2024
A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote...
High
Unreviewed
CVE-2024-46366
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40507
was published
Sep 27, 2024
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to...
High
Unreviewed
CVE-2023-39217
was published
Aug 8, 2023
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an...
High
Unreviewed
CVE-2023-39208
was published
Sep 12, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5...
High
Unreviewed
CVE-2023-43585
was published
Dec 14, 2023
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an...
High
Unreviewed
CVE-2023-43591
was published
Nov 15, 2023
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote...
High
Unreviewed
CVE-2024-33369
was published
Sep 27, 2024
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could...
High
Unreviewed
CVE-2024-6436
was published
Sep 27, 2024
An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary...
High
Unreviewed
CVE-2024-33368
was published
Sep 27, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input...
High
Unreviewed
CVE-2024-45682
was published
Sep 17, 2024
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows...
High
Unreviewed
CVE-2023-39211
was published
Aug 9, 2023
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40509
was published
Sep 27, 2024
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is...
High
Unreviewed
CVE-2024-3052
was published
Apr 27, 2024
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end...
High
Unreviewed
CVE-2024-3051
was published
Apr 27, 2024
ProTip!
Advisories are also available from the
GraphQL API