Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

91,086 advisories

Loading
The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote... High Unreviewed
CVE-2024-9970 was published Oct 15, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions... High Unreviewed
CVE-2024-9687 was published Oct 15, 2024
WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with... High Unreviewed
CVE-2024-9968 was published Oct 15, 2024
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed
CVE-2024-9548 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable... High Unreviewed
CVE-2024-35519 was published Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7... High Unreviewed
CVE-2024-48824 was published Oct 14, 2024
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory... High Unreviewed
CVE-2024-6207 was published Oct 14, 2024
Privilege escalation in Automatic Systems Maintenance SlimLane... High Unreviewed
CVE-2024-48822 was published Oct 14, 2024
An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to... High Unreviewed
CVE-2024-48791 was published Oct 14, 2024
An issue in EQUES com.eques.plug 1.0.1 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48796 was published Oct 14, 2024
An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker... High Unreviewed
CVE-2024-48797 was published Oct 14, 2024
An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to... High Unreviewed
CVE-2024-48798 was published Oct 14, 2024
An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain... High Unreviewed
CVE-2024-48789 was published Oct 14, 2024
An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48792 was published Oct 14, 2024
An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to... High Unreviewed
CVE-2024-48799 was published Oct 14, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does... High Unreviewed
CVE-2024-45733 was published Oct 14, 2024
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user... High Unreviewed
CVE-2024-45731 was published Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud... High Unreviewed
CVE-2024-45732 was published Oct 14, 2024
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat,... High Unreviewed
CVE-2024-48249 was published Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. High Unreviewed
CVE-2024-48259 was published Oct 14, 2024
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin. High Unreviewed
CVE-2024-48257 was published Oct 14, 2024
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to... High Unreviewed
CVE-2024-7847 was published Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection. High Unreviewed
CVE-2024-48253 was published Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database