Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,619 advisories

Loading
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid... Low Unreviewed
CVE-2023-31366 was published Aug 13, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed
CVE-2024-41976 was published Aug 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... Critical Unreviewed
CVE-2024-41940 was published Aug 13, 2024
Concrete CMS Stored Cross-site Scripting vulnerability Low
CVE-2024-4350 was published for concrete5/concrete5 (Composer) Aug 12, 2024
Apache DolphinScheduler: Resource File Read And Write Vulnerability High
CVE-2024-30188 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Aug 12, 2024
Apache DolphinScheduler: RCE by arbitrary js execution High
CVE-2024-29831 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Aug 12, 2024
Concrete CMS Stored XSS in getAttributeSetName Low
CVE-2024-7394 was published for concrete5/concrete5 (Composer) Aug 8, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-6254 was published Aug 8, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533... Moderate Unreviewed
CVE-2024-7004 was published Aug 6, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533... High Unreviewed
CVE-2024-7005 was published Aug 6, 2024
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command... High Unreviewed
CVE-2024-23483 was published Aug 6, 2024
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7... Critical Unreviewed
CVE-2024-6915 was published Aug 5, 2024
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite... Moderate Unreviewed
CVE-2024-21978 was published Aug 5, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). The... High Unreviewed
CVE-2024-38879 was published Aug 2, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not... High Unreviewed
CVE-2024-40721 was published Aug 2, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not... High Unreviewed
CVE-2024-40720 was published Aug 2, 2024
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type. Critical Unreviewed
CVE-2024-42458 was published Aug 2, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting Low
CVE-2024-4353 was published for concrete5/concrete5 (Composer) Aug 1, 2024
Improper Input Validation of query search results for private field data in PingIDM OPENIDM ... Low Unreviewed
CVE-2024-23600 was published Aug 1, 2024
A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307... High Unreviewed
CVE-2023-1577 was published Jul 31, 2024
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow... Moderate Unreviewed
CVE-2017-3772 was published Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows Command... Moderate Unreviewed
CVE-2024-6978 was published Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows OS Command... High Unreviewed
CVE-2024-6973 was published Jul 31, 2024
Weave server API vulnerable to arbitrary file leak High
CVE-2024-7340 was published for weave (pip) Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data... High Unreviewed
CVE-2024-39950 was published Jul 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database