GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,110
Erlang
29
GitHub Actions
19
Go
1,928
Maven
5,000+
npm
3,665
NuGet
642
pip
3,272
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
229,922 advisories
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password...
Moderate
Unreviewed
CVE-2024-8264
was published
Oct 10, 2024
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows...
Unknown
Unreviewed
CVE-2024-48942
was published
Oct 10, 2024
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers...
Unknown
Unreviewed
CVE-2024-48933
was published
Oct 10, 2024
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows...
Unknown
Unreviewed
CVE-2024-48941
was published
Oct 10, 2024
VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious...
Moderate
Unreviewed
CVE-2024-38818
was published
Oct 9, 2024
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be...
Moderate
Unreviewed
CVE-2024-38815
was published
Oct 9, 2024
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user...
Low
Unreviewed
CVE-2024-30118
was published
Oct 9, 2024
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)...
High
Unreviewed
CVE-2024-39525
was published
Oct 9, 2024
An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon ...
High
Unreviewed
CVE-2024-39515
was published
Oct 9, 2024
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks...
High
Unreviewed
CVE-2024-39516
was published
Oct 9, 2024
VMware NSX contains a command injection vulnerability. A malicious actor with access to the NSX...
Moderate
Unreviewed
CVE-2024-38817
was published
Oct 9, 2024
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-9473
was published
Oct 9, 2024
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software...
Moderate
Unreviewed
CVE-2024-9471
was published
Oct 9, 2024
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate
Unreviewed
CVE-2024-9469
was published
Oct 9, 2024
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled)...
Unknown
Unreviewed
CVE-2024-45746
was published
Oct 9, 2024
A loophole in the payment logic of Sparkshop v1.16 allows attackers to arbitrarily modify the...
Unknown
Unreviewed
CVE-2024-46307
was published
Oct 9, 2024
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have...
Moderate
Unreviewed
CVE-2024-9470
was published
Oct 9, 2024
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated...
High
Unreviewed
CVE-2024-9468
was published
Oct 9, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical
Unreviewed
CVE-2024-9463
was published
Oct 9, 2024
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical
Unreviewed
CVE-2024-9465
was published
Oct 9, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated...
Critical
Unreviewed
CVE-2024-9464
was published
Oct 9, 2024
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious...
High
Unreviewed
CVE-2024-9467
was published
Oct 9, 2024
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition...
High
Unreviewed
CVE-2024-9466
was published
Oct 9, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-46316
was published
Oct 9, 2024
FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114...
Unknown
Unreviewed
CVE-2024-25825
was published
Oct 9, 2024
ProTip! Advisories are also available from the GraphQL API.