GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,436 advisories
Filter by severity
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x)...
High
Unreviewed
CVE-2024-22052
was published
Apr 4, 2024
A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a...
High
Unreviewed
CVE-2024-41586
was published
Oct 3, 2024
DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests.
High
Unreviewed
CVE-2024-41589
was published
Oct 3, 2024
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An...
High
Unreviewed
CVE-2024-42417
was published
Oct 4, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti...
High
Unreviewed
CVE-2024-21894
was published
Apr 5, 2024
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x
22.x) and Ivanti...
High
Unreviewed
CVE-2024-22053
was published
Apr 4, 2024
An unauthorized user is able to gain access to sensitive data, including credentials, by...
High
Unreviewed
CVE-2024-38280
was published
Jun 13, 2024
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to...
High
Unreviewed
CVE-2024-3467
was published
Jun 12, 2024
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access ...
High
Unreviewed
CVE-2024-20480
was published
Sep 25, 2024
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker...
High
Unreviewed
CVE-2023-2137
was published
Apr 19, 2023
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for...
High
Unreviewed
CVE-2024-44193
was published
Oct 2, 2024
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a...
High
Unreviewed
CVE-2024-41595
was published
Oct 3, 2024
Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor...
High
Unreviewed
CVE-2024-41596
was published
Oct 3, 2024
DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query...
High
Unreviewed
CVE-2024-41592
was published
Oct 3, 2024
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers...
High
Unreviewed
CVE-2020-26652
was published
Aug 22, 2023
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain...
High
Unreviewed
CVE-2021-35309
was published
Aug 22, 2023
Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote...
High
Unreviewed
CVE-2024-23959
was published
Sep 28, 2024
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-23935
was published
Sep 28, 2024
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow...
High
Unreviewed
CVE-2024-23967
was published
Sep 28, 2024
An attacker can access the maintenance console using hard coded credentials for a hidden wireless...
High
Unreviewed
CVE-2024-38281
was published
Jun 13, 2024
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting...
High
Unreviewed
CVE-2024-5131
was published
Jun 6, 2024
Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution...
High
Unreviewed
CVE-2024-23938
was published
Sep 28, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/mgag200: Bind I2C...
High
Unreviewed
CVE-2024-44967
was published
Sep 4, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including...
High
Unreviewed
CVE-2024-5130
was published
Jun 6, 2024
Fuji Electric Tellus Lite V-Simulator
is vulnerable to a stack-based buffer overflow, which...
High
Unreviewed
CVE-2024-37029
was published
Jun 13, 2024
ProTip!
Advisories are also available from the
GraphQL API