GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
117,411 advisories
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to...
Moderate | Unreviewed | CVE-2017-13309 was published Nov 15, 2024

Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine...
Moderate | Unreviewed | CVE-2024-24447 was published Nov 15, 2024

Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine...
Moderate | Unreviewed | CVE-2024-24450 was published Nov 15, 2024

A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This...
Moderate | Unreviewed | CVE-2024-11124 was published Nov 12, 2024

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero...
Moderate | Unreviewed | CVE-2021-47154 was published Mar 18, 2024

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16...
Moderate | Unreviewed | CVE-2024-27789 was published May 14, 2024

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-11262 was published Nov 16, 2024

A vulnerability, which was classified as critical, was found in SourceCodester Student Record...
Moderate | Unreviewed | CVE-2024-11261 was published Nov 16, 2024

Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scripting (XSS) via the...
Moderate | Unreviewed | CVE-2021-27703 was published Nov 13, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-9477 was published Nov 13, 2024

NodeBB 3.6.7 is vulnerable to Incorrect Access Control.
Moderate | Unreviewed | CVE-2024-29316 was published Mar 29, 2024

In modem, there is a possible information disclosure due to using risky cryptographic algorithm...
Moderate | Unreviewed | CVE-2024-20070 was published Jun 3, 2024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR...
Moderate | Unreviewed | CVE-2024-34024 was published Jun 18, 2024

Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function...
Moderate | Unreviewed | CVE-2023-45935 was published Mar 27, 2024

Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple Pairing using the Passkey...
Moderate | Unreviewed | CVE-2021-37577 was published Oct 1, 2024

In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of...
Moderate | Unreviewed | CVE-2024-27223 was published Mar 11, 2024

Password stored in a recoverable format by Jenkins OpenId Connect Authentication Plugin
Moderate | CVE-2023-50770 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023

Open redirect vulnerability in Jenkins OpenId Connect Authentication Plugin
Moderate | CVE-2023-50771 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023

The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings,...
Moderate | Unreviewed | CVE-2024-10104 was published Nov 15, 2024

The Secure Custom Fields WordPress plugin before 6.3.9, Secure Custom Fields WordPress plugin...
Moderate | Unreviewed | CVE-2024-9529 was published Nov 15, 2024

Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote...
Moderate | Unreviewed | CVE-2024-50800 was published Nov 15, 2024

A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause...
Moderate | Unreviewed | CVE-2024-49776 was published Nov 15, 2024

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a...
Moderate | Unreviewed | CVE-2024-34397 was published May 7, 2024

netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /include/authrp.php.
Moderate | Unreviewed | CVE-2024-30872 was published Apr 1, 2024

In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB...
Moderate | Unreviewed | CVE-2024-50145 was published Nov 7, 2024
ProTip! Advisories are also available from the GraphQL API.