Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,906 advisories

Loading
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed
CVE-2024-44114 was published Sep 10, 2024
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8372 was published for angular (npm) Sep 9, 2024
AngularJS allows attackers to bypass common image source restrictions Low
CVE-2024-8373 was published for angular (npm) Sep 9, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing... Low Unreviewed
CVE-2024-8042 was published Sep 9, 2024
A vulnerability has been identified in Node.js, affecting users of the experimental permission... Low Unreviewed
CVE-2024-36137 was published Sep 7, 2024
An improper restriction of excessive authentication attempts vulnerability has been reported to... Low Unreviewed
CVE-2024-32771 was published Sep 6, 2024
An improper certificate validation vulnerability has been reported to affect QuMagie. If... Low Unreviewed
CVE-2024-38642 was published Sep 6, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,... Low Unreviewed
CVE-2024-27125 was published Sep 6, 2024
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when... Low Unreviewed
CVE-2024-6792 was published Sep 6, 2024
sigstore-go has an unbounded loop over untrusted input can lead to endless data attack Low
CVE-2024-45395 was published for github.com/sigstore/sigstore-go (Go) Sep 4, 2024
AdamKorcz codysoyland
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been... Low Unreviewed
CVE-2024-8417 was published Sep 4, 2024
Flask-AppBuilder's login form allows browser to cache sensitive fields Low
CVE-2024-45314 was published for flask-appbuilder (pip) Sep 4, 2024
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication Low
CVE-2024-45052 was published for ethyca-fides (pip) Sep 4, 2024
RobertKeyser pattisdr
daveqnet
Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1... Low Unreviewed
CVE-2024-34649 was published Sep 4, 2024
Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows... Low Unreviewed
CVE-2024-34640 was published Sep 4, 2024
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB... Low Unreviewed
CVE-2024-45620 was published Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An... Low Unreviewed
CVE-2024-45619 was published Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An... Low Unreviewed
CVE-2024-45615 was published Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An... Low Unreviewed
CVE-2024-45616 was published Sep 4, 2024
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or... Low Unreviewed
CVE-2024-45618 was published Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An... Low Unreviewed
CVE-2024-45617 was published Sep 4, 2024
gix-path uses local config across repos when it is the highest scope Low
CVE-2024-45305 was published for gix-path (Rust) Sep 3, 2024
EliahKagan martinvonz
runc can be confused to create empty files/directories on the host Low
CVE-2024-45310 was published for github.com/opencontainers/runc (Go) Sep 3, 2024
rata alban
cyphar sdowell
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and... Low Unreviewed
CVE-2023-7279 was published Sep 2, 2024
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject... Low Unreviewed
CVE-2024-38858 was published Sep 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database