Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,622 advisories

Loading
Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Unreviewed
CVE-2024-21336 was published Jan 26, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Unreviewed
CVE-2024-21383 was published Jan 26, 2024
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Parasolid V36... Low Unreviewed
CVE-2024-26276 was published Apr 9, 2024
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected... Low Unreviewed
CVE-2023-38533 was published Jun 11, 2024
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.254), Parasolid V36... Low Unreviewed
CVE-2024-26277 was published Apr 9, 2024
On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated... Low Unreviewed
CVE-2024-34684 was published Jun 11, 2024
Password hash exposed in CraftCMS two factor authentication plugin Low
CVE-2024-5657 was published for born05/craft-twofactorauthentication (Composer) Jun 6, 2024
`docker cp` allows unexpected chmod of host files in Moby Docker Engine Low
CVE-2021-41089 was published for github.com/docker/docker (Go) Jun 10, 2024
LevanaXr ssst0n3
zenml-io/zenml does not expire the session after password reset Low
CVE-2024-4680 was published for zenml (pip) Jun 8, 2024
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode... Low Unreviewed
CVE-2024-35749 was published Jun 10, 2024
Memory handling issue in editcap could cause denial of service via crafted capture file Low Unreviewed
CVE-2024-4853 was published May 14, 2024
Use after free issue in editcap could cause denial of service via crafted capture file Low Unreviewed
CVE-2024-4855 was published May 14, 2024
tqdm CLI arguments injection attack Low
CVE-2024-34062 was published for tqdm (pip) May 3, 2024
CopperEagle
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. Low Unreviewed
CVE-2024-30512 was published Jun 9, 2024
A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue... Low Unreviewed
CVE-2024-5766 was published Jun 8, 2024
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
Cross site scripting in zenml Low
CVE-2024-2171 was published for zenml (pip) Jun 6, 2024
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both... Low Unreviewed
CVE-2024-3166 was published Jun 6, 2024
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-5307 was published Jun 6, 2024
s2n-tls has a potentially observable differences in RSA premaster secret handling Low
GHSA-52xf-5p2m-9wrv was published for s2n-tls (Rust) Jun 6, 2024
An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820,... Low Unreviewed
CVE-2023-50803 was published Jun 5, 2024
Typo3 Information Disclosure in Page Tree Low
GHSA-h934-f4m4-wc8x was published for typo3/cms (Composer) Jun 5, 2024
Information Disclosure in TYPO3 CMS Low
GHSA-c7p6-3c9c-f88q was published for typo3/cms (Composer) Jun 5, 2024
Arbitrary JavaScript execution due to using outdated libraries Low
GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
isacaya
ProTip! Advisories are also available from the GraphQL API