GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,781
Erlang: 36
GitHub Actions: 29
Go: 2,345
Maven: 5,000+
npm: 3,976
NuGet: 719
pip: 3,772
Pub: 12
RubyGems: 923
Rust: 980
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
122,508 advisories
Expired and unusable administrator authentication tokens can be revealed by units that have timed...
Moderate
Unreviewed
CVE-2024-47517 was published Jan 11, 2025
On Arista CloudVision Appliance (CVA) affected releases running on appliances that support...
Moderate
Unreviewed
CVE-2024-7142 was published Jan 11, 2025
A user with administrator privileges is able to retrieve authentication tokens
Moderate
Unreviewed
CVE-2024-9133 was published Jan 11, 2025
Specially constructed queries targeting ETM could discover active remote access sessions
Moderate
Unreviewed
CVE-2024-47518 was published Jan 11, 2025
On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size”...
Moderate
Unreviewed
CVE-2024-7095 was published Jan 10, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-23079 was published Jan 10, 2025
Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File...
Moderate
Unreviewed
CVE-2024-54910 was published Jan 10, 2025
MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the...
Moderate
Unreviewed
CVE-2024-54994 was published Jan 10, 2025
MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability...
Moderate
Unreviewed
CVE-2024-54997 was published Jan 10, 2025
MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability...
Moderate
Unreviewed
CVE-2024-54998 was published Jan 10, 2025
On affected platforms running Arista EOS with one of the following features configured to...
Moderate
Unreviewed
CVE-2024-6437 was published Jan 10, 2025
On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag...
Moderate
Unreviewed
CVE-2024-5872 was published Jan 10, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-23078 was published Jan 10, 2025
Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module...
Moderate
Unreviewed
CVE-2024-54687 was published Jan 10, 2025
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH)...
Moderate
Unreviewed
CVE-2024-54847 was published Jan 10, 2025
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and...
Moderate
Unreviewed
CVE-2024-54846 was published Jan 10, 2025
An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private...
Moderate
Unreviewed
CVE-2024-54849 was published Jan 10, 2025
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Moderate
Unreviewed
CVE-2024-57212 was published Jan 10, 2025
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Moderate
Unreviewed
CVE-2024-57213 was published Jan 10, 2025
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the...
Moderate
Unreviewed
CVE-2024-57222 was published Jan 10, 2025
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Moderate
Unreviewed
CVE-2024-57214 was published Jan 10, 2025
During MegaBIP installation process, a user is encouraged to change a default path to...
Moderate
Unreviewed
CVE-2024-6880 was published Jan 10, 2025
Trippo Responsive Filemanager 9.14.0 is vulnerable to Cross Site Scripting (XSS) via file upload...
Moderate
Unreviewed
CVE-2024-50807 was published Jan 10, 2025
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.
Moderate
Unreviewed
CVE-2025-23022 was published Jan 10, 2025
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing...
Moderate
Unreviewed
CVE-2024-57822 was published Jan 10, 2025
ProTip! Advisories are also available from the GraphQL API.