GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,657
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
672 advisories
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. This...
Critical | Unreviewed | CVE-2023-33934 was published Aug 9, 2023
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an...
Critical | Unreviewed | CVE-2023-39216 was published Aug 8, 2023
An unvalidated input in a library function responsible for communicating between secure and non...
Critical | Unreviewed | CVE-2023-4020 was published Dec 15, 2023
In wlan service, there is a possible out of bounds write due to improper input validation. This...
Critical | Unreviewed | CVE-2024-20017 was published Mar 4, 2024
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and...
Critical | Unreviewed | CVE-2024-24691 was published Feb 14, 2024
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection. This...
Critical | Unreviewed | CVE-2024-7591 was published Sep 5, 2024
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical | Unreviewed | CVE-2023-0636 was published Jul 6, 2023
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Critical | Unreviewed | CVE-2024-8889 was published Sep 18, 2024
Due to an improper input validation, an unauthenticated threat actor can send a malicious message...
Critical | Unreviewed | CVE-2024-5989 was published Jun 25, 2024
Due to an improper input validation, an unauthenticated threat actor can send a malicious message...
Critical | Unreviewed | CVE-2024-5988 was published Jun 25, 2024
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow...
Critical | Unreviewed | CVE-2022-47966 was published Jan 18, 2023
Atlassian has been made aware of an issue reported by a handful of customers where external...
Critical | Unreviewed | CVE-2023-22515 was published Oct 4, 2023
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical | Unreviewed | CVE-2024-8073 was published Aug 26, 2024
The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available...
Critical | Unreviewed | CVE-2023-45163 was published Nov 6, 2023
The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on...
Critical | Unreviewed | CVE-2023-45161 was published Nov 6, 2023
An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via...
Critical | Unreviewed | CVE-2024-44808 was published Sep 4, 2024
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0,...
Critical | Unreviewed | CVE-2024-44809 was published Sep 4, 2024
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote...
Critical | Unreviewed | CVE-2024-0864 was published Feb 29, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™...
Critical | Unreviewed | CVE-2024-7988 was published Aug 26, 2024
Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live...
Critical | Unreviewed | CVE-2024-42531 was published Aug 23, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input...
Critical | Unreviewed | CVE-2024-45167 was published Aug 22, 2024
In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve...
Critical | Unreviewed | CVE-2024-23717 was published Mar 11, 2024
An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial...
Critical | Unreviewed | CVE-2023-47003 was published Nov 16, 2023
Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network...
Critical | Unreviewed | CVE-2024-21810 was published Aug 14, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application...
Critical | Unreviewed | CVE-2024-41940 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API.