GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,988
Maven: 5,000+
npm: 3,704
NuGet: 661
pip: 3,332
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
234,189 advisories
A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-52613 was published Nov 15, 2024

A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-49777 was published Nov 15, 2024

A heap-based buffer overflow in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-49778 was published Nov 15, 2024

The ventilator's microcontroller lacks memory protection. An attacker could connect to the...
Severity: Critical | Unreviewed | CVE-2024-48970 was published Nov 15, 2024

The debug port on the ventilator's serial interface is enabled by default. This could allow an...
Severity: Critical | Unreviewed | CVE-2024-48973 was published Nov 15, 2024

Cross-Site Request Forgery (CSRF) vulnerability in GeekRMX Twitter @Anywhere Plus allows Stored...
Severity: High | Unreviewed | CVE-2024-51659 was published Nov 15, 2024

The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Severity: Critical | Unreviewed | CVE-2024-48971 was published Nov 15, 2024

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Severity: Unknown | Unreviewed | CVE-2024-51156 was published Nov 15, 2024

Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS...
Severity: High | Unreviewed | CVE-2024-51679 was published Nov 15, 2024

A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-41209 was published Nov 15, 2024

A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-41217 was published Nov 15, 2024

A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause...
Severity: Unknown | Unreviewed | CVE-2024-49776 was published Nov 15, 2024

A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to...
Severity: Unknown | Unreviewed | CVE-2024-41206 was published Nov 15, 2024

A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading...
Severity: Unknown | Unreviewed | CVE-2024-50968 was published Nov 15, 2024

In the autofill service, the package name that is provided by the app process is trusted...
Severity: Unknown | Unreviewed | CVE-2017-13227 was published Nov 15, 2024

The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Severity: Critical | Unreviewed | CVE-2024-48974 was published Nov 15, 2024

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for...
Severity: Critical | Unreviewed | CVE-2024-48967 was published Nov 15, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Henrik Hoff WP Course Manager allows Stored...
Severity: High | Unreviewed | CVE-2024-51658 was published Nov 15, 2024

The software tools used by service personnel to test & calibrate the ventilator do not support...
Severity: Critical | Unreviewed | CVE-2024-48966 was published Nov 15, 2024

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS...
Severity: Unknown | Unreviewed | CVE-2024-31695 was published Nov 15, 2024

Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without...
Severity: Unknown | Unreviewed | CVE-2024-39707 was published Nov 15, 2024

Cross Site Scripting vulnerability in Virtuozzo Hybrid Server for WHMCS Open Source v.1.7.1...
Severity: Unknown | Unreviewed | CVE-2024-40579 was published Nov 15, 2024

There is no limit on the number of failed login attempts permitted with the Clinician Password or...
Severity: Critical | Unreviewed | CVE-2024-9832 was published Nov 14, 2024

Cross-Site Request Forgery (CSRF) vulnerability in FraudLabs Pro FraudLabs Pro SMS Verification...
Severity: High | Unreviewed | CVE-2024-51688 was published Nov 14, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Platform.Ly Platform.Ly Official allows Stored...
Severity: High | Unreviewed | CVE-2024-51687 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API.