GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
240,627 advisories
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
Unknown
Unreviewed
CVE-2024-36072
was published
Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
Unknown
Unreviewed
CVE-2024-36075
was published
Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
Unknown
Unreviewed
CVE-2024-36074
was published
Jun 27, 2024
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks...
Critical
Unreviewed
CVE-2024-2973
was published
Jun 27, 2024
A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a...
Unknown
Unreviewed
CVE-2024-39132
was published
Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
Unknown
Unreviewed
CVE-2024-36073
was published
Jun 27, 2024
A Stack Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of...
Unknown
Unreviewed
CVE-2024-39134
was published
Jun 27, 2024
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest...
Unknown
Unreviewed
CVE-2024-36755
was published
Jun 27, 2024
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the...
Unknown
Unreviewed
CVE-2024-39209
was published
Jun 27, 2024
Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire...
Moderate
Unreviewed
CVE-2024-3331
was published
Jun 27, 2024
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi...
Moderate
Unreviewed
CVE-2024-3017
was published
Jun 27, 2024
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
High
Unreviewed
CVE-2024-4578
was published
Jun 27, 2024
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee...
High
Unreviewed
CVE-2024-3043
was published
Jun 27, 2024
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with...
High
Unreviewed
CVE-2024-5714
was published
Jun 27, 2024
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS...
Critical
Unreviewed
CVE-2024-3330
was published
Jun 27, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of...
High
Unreviewed
CVE-2024-5822
was published
Jun 27, 2024
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot...
Moderate
Unreviewed
CVE-2024-5755
was published
Jun 27, 2024
BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote...
Critical
Unreviewed
CVE-2024-5751
was published
Jun 27, 2024
A path traversal vulnerability in the `/set_personality_config` endpoint of parisneo/lollms...
High
Unreviewed
CVE-2024-5824
was published
Jun 27, 2024
A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms...
Moderate
Unreviewed
CVE-2024-5933
was published
Jun 27, 2024
In the latest version of vanna-ai/vanna, the `vanna.ask` function is vulnerable to remote code...
Critical
Unreviewed
CVE-2024-5826
was published
Jun 27, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The...
High
Unreviewed
CVE-2024-5885
was published
Jun 27, 2024
An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper...
Moderate
Unreviewed
CVE-2024-5936
was published
Jun 27, 2024
A path traversal vulnerability exists in the XTTS server included in the lollms package, version...
High
Unreviewed
CVE-2024-6085
was published
Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API.