Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,683 advisories

Loading
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this... High Unreviewed
CVE-2024-6402 was published Jun 28, 2024
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12.... High Unreviewed
CVE-2024-6403 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly... Moderate Unreviewed
CVE-2024-35137 was published Jun 28, 2024
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to... Moderate Unreviewed
CVE-2024-31919 was published Jun 28, 2024
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-35155 was published Jun 28, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under... High Unreviewed
CVE-2024-31912 was published Jun 28, 2024
CometBFT is unstability during blocksync when syncing from malicious peer Moderate
GHSA-hg58-rf2h-6rr7 was published for github.com/cometbft/cometbft (Go) Jun 28, 2024
unknownfeature
ntlk unsafe deserialization vulnerability High
CVE-2024-39705 was published for nltk (pip) Jun 28, 2024
Name confusion in x509 Subject Alternative Name fields High
CVE-2023-52892 was published for phpseclib/phpseclib (Composer) Jun 28, 2024
Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2... Unknown Unreviewed
CVE-2024-36059 was published Jun 28, 2024
The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on... Unknown Unreviewed
CVE-2024-4395 was published Jun 28, 2024
PTC Creo Elements/Direct License Server exposes a web interface which can be used by... Critical Unreviewed
CVE-2024-6071 was published Jun 28, 2024
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate... Unknown Unreviewed
CVE-2016-20022 was published Jun 28, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... Unknown Unreviewed
CVE-2024-36072 was published Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... Unknown Unreviewed
CVE-2024-36075 was published Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... Unknown Unreviewed
CVE-2024-36074 was published Jun 27, 2024
A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a... Unknown Unreviewed
CVE-2024-39132 was published Jun 27, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... Unknown Unreviewed
CVE-2024-36073 was published Jun 27, 2024
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the... Unknown Unreviewed
CVE-2024-39209 was published Jun 27, 2024
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of... Unknown Unreviewed
CVE-2024-39134 was published Jun 27, 2024
D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest... Unknown Unreviewed
CVE-2024-36755 was published Jun 27, 2024
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext... Unknown Unreviewed
CVE-2024-5642 was published Jun 27, 2024
litellm vulnerable to remote code execution based on using eval unsafely Critical
CVE-2024-5751 was published for litellm (pip) Jun 27, 2024
litellm vulnerable to improper access control in team management Moderate
CVE-2024-5710 was published for litellm (pip) Jun 27, 2024
krrishdholakia byt3bl33d3r
lollms vulnerable to path traversal due to unauthenticated root folder settings change High
CVE-2024-6085 was published for lollms (pip) Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API