GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,906 advisories
Filter by severity
In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and...
Low
Unreviewed
CVE-2024-3247
was published
Apr 3, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and...
Low
Unreviewed
CVE-2024-3248
was published
Apr 3, 2024
In Quarkus, git credentials could be inadvertently published
Low
CVE-2024-1979
was published
for
io.quarkus:quarkus-kubernetes-deployment
(Maven)
Mar 13, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-27343
was published
Apr 3, 2024
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-27336
was published
Apr 3, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-27345
was published
Apr 3, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-27346
was published
Apr 3, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-30329
was published
Apr 3, 2024
Concrete CMS Stored XSS on the calendar color settings screen
Low
CVE-2024-2753
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter
Low
CVE-2024-3178
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing
Low
CVE-2024-3179
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
Concrete CMS Stored XSS in the Search Field
Low
CVE-2024-3181
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which...
Low
Unreviewed
CVE-2002-2000
was published
Apr 23, 2022
ruby193 uses an insecure LD_LIBRARY_PATH setting.
Low
Unreviewed
CVE-2013-1945
was published
May 5, 2022
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that...
Low
Unreviewed
CVE-2018-2005
was published
May 24, 2022
Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read...
Low
Unreviewed
CVE-2019-5296
was published
May 24, 2022
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user...
Low
Unreviewed
CVE-2019-0307
was published
May 24, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange...
Low
Unreviewed
CVE-2019-10155
was published
May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the...
Low
Unreviewed
CVE-2018-10947
was published
May 24, 2022
Logic condition in specific microprocessors may allow an authenticated user to potentially enable...
Low
Unreviewed
CVE-2019-0174
was published
May 24, 2022
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial...
Low
Unreviewed
CVE-2019-13232
was published
May 24, 2022
GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish...
Low
Unreviewed
CVE-2019-1010310
was published
May 24, 2022
IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt...
Low
Unreviewed
CVE-2019-1010208
was published
May 24, 2022
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories...
Low
Unreviewed
CVE-2018-20894
was published
May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation...
Low
Unreviewed
CVE-2018-20897
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API