GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
20,504 advisories
Filter by severity
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
The ventilator's microcontroller lacks memory protection. An attacker could connect to the...
Critical
Unreviewed
CVE-2024-48970
was published
Nov 15, 2024
The debug port on the ventilator's serial interface is enabled by default. This could allow an...
Critical
Unreviewed
CVE-2024-48973
was published
Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical
Unreviewed
CVE-2024-48971
was published
Nov 15, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical
Unreviewed
CVE-2024-48974
was published
Nov 15, 2024
The ventilator and the Service PC lack sufficient audit logging capabilities to allow for...
Critical
Unreviewed
CVE-2024-48967
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Critical
Unreviewed
CVE-2024-9832
was published
Nov 14, 2024
Improper data protection on the ventilator's serial interface could allow an attacker to send and...
Critical
Unreviewed
CVE-2024-9834
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support –...
Critical
Unreviewed
CVE-2024-52370
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket...
Critical
Unreviewed
CVE-2024-52369
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator...
Critical
Unreviewed
CVE-2024-52377
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for...
Critical
Unreviewed
CVE-2024-52376
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery...
Critical
Unreviewed
CVE-2024-52373
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer...
Critical
Unreviewed
CVE-2024-52372
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize...
Critical
Unreviewed
CVE-2024-52380
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots,...
Critical
Unreviewed
CVE-2024-52384
was published
Nov 14, 2024
Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege...
Critical
Unreviewed
CVE-2024-52382
was published
Nov 14, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove...
Critical
Unreviewed
CVE-2024-52393
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows...
Critical
Unreviewed
CVE-2024-52374
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager...
Critical
Unreviewed
CVE-2024-52375
was published
Nov 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies...
Critical
Unreviewed
CVE-2024-52379
was published
Nov 14, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows...
Critical
Unreviewed
CVE-2024-3379
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3502
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API