GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
91,086 advisories
The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote...
High
Unreviewed
CVE-2024-9970
was published
Oct 15, 2024
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions...
High
Unreviewed
CVE-2024-9687
was published
Oct 15, 2024
WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with...
High
Unreviewed
CVE-2024-9968
was published
Oct 15, 2024
The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
High
Unreviewed
CVE-2024-9548
was published
Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the...
High
Unreviewed
CVE-2024-35518
was published
Oct 15, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable...
High
Unreviewed
CVE-2024-35519
was published
Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2...
High
Unreviewed
CVE-2024-35520
was published
Oct 15, 2024
An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7...
High
Unreviewed
CVE-2024-48824
was published
Oct 14, 2024
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory...
High
Unreviewed
CVE-2024-6207
was published
Oct 14, 2024
Privilege escalation in Automatic Systems Maintenance SlimLane...
High
Unreviewed
CVE-2024-48822
was published
Oct 14, 2024
An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to...
High
Unreviewed
CVE-2024-48791
was published
Oct 14, 2024
An issue in EQUES com.eques.plug 1.0.1 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-48796
was published
Oct 14, 2024
An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker...
High
Unreviewed
CVE-2024-48797
was published
Oct 14, 2024
An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to...
High
Unreviewed
CVE-2024-48798
was published
Oct 14, 2024
An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-48789
was published
Oct 14, 2024
An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-48792
was published
Oct 14, 2024
An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to...
High
Unreviewed
CVE-2024-48799
was published
Oct 14, 2024
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does...
High
Unreviewed
CVE-2024-45733
was published
Oct 14, 2024
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user...
High
Unreviewed
CVE-2024-45731
was published
Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud...
High
Unreviewed
CVE-2024-45732
was published
Oct 14, 2024
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat,...
High
Unreviewed
CVE-2024-48249
was published
Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.
High
Unreviewed
CVE-2024-48259
was published
Oct 14, 2024
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injection.
High
Unreviewed
CVE-2024-48257
was published
Oct 14, 2024
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to...
High
Unreviewed
CVE-2024-7847
was published
Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection.
High
Unreviewed
CVE-2024-48253
was published
Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API.