GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories (All reviewed: 5,000+)
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories (All unreviewed: 5,000+)
240,683 advisories
CVE-2024-6402 (High, Unreviewed), published Jun 28, 2024: A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this...
CVE-2024-6403 (High, Unreviewed), published Jun 28, 2024: A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12....
CVE-2024-35137 (Moderate, Unreviewed), published Jun 28, 2024: IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly...
CVE-2024-31919 (Moderate, Unreviewed), published Jun 28, 2024: IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to...
CVE-2024-35155 (Moderate, Unreviewed), published Jun 28, 2024: IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain...
CVE-2024-31912 (High, Unreviewed), published Jun 28, 2024: IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
GHSA-hg58-rf2h-6rr7 (Moderate), published Jun 28, 2024 for github.com/cometbft/cometbft (Go): CometBFT is unstability during blocksync when syncing from malicious peer
CVE-2024-39705 (High), published Jun 28, 2024 for nltk (pip): nltk unsafe deserialization vulnerability
CVE-2023-52892 (High), published Jun 28, 2024 for phpseclib/phpseclib (Composer): Name confusion in x509 Subject Alternative Name fields
CVE-2024-36059 (Unknown, Unreviewed), published Jun 28, 2024: Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2...
CVE-2024-4395 (Unknown, Unreviewed), published Jun 28, 2024: The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on...
CVE-2024-6071 (Critical, Unreviewed), published Jun 28, 2024: PTC Creo Elements/Direct License Server exposes a web interface which can be used by...
CVE-2016-20022 (Unknown, Unreviewed), published Jun 28, 2024: In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate...
CVE-2024-36072 (Unknown, Unreviewed), published Jun 27, 2024: Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
CVE-2024-36075 (Unknown, Unreviewed), published Jun 27, 2024: Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
CVE-2024-36074 (Unknown, Unreviewed), published Jun 27, 2024: Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
CVE-2024-39132 (Unknown, Unreviewed), published Jun 27, 2024: A NULL Pointer Dereference vulnerability in DumpTS v0.1.0-nightly allows attackers to cause a...
CVE-2024-36073 (Unknown, Unreviewed), published Jun 27, 2024: Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
CVE-2024-39209 (Unknown, Unreviewed), published Jun 27, 2024: luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the...
CVE-2024-39134 (Unknown, Unreviewed), published Jun 27, 2024: A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of...
CVE-2024-36755 (Unknown, Unreviewed), published Jun 27, 2024: D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest...
CVE-2024-5642 (Unknown, Unreviewed), published Jun 27, 2024: CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext...
CVE-2024-5751 (Critical), published Jun 27, 2024 for litellm (pip): litellm vulnerable to remote code execution based on using eval unsafely
CVE-2024-5710 (Moderate), published Jun 27, 2024 for litellm (pip): litellm vulnerable to improper access control in team management
CVE-2024-6085 (High), published Jun 27, 2024 for lollms (pip): lollms vulnerable to path traversal due to unauthenticated root folder settings change
ProTip! Advisories are also available from the GraphQL API.