GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+; Composer 3,968; Erlang 29; GitHub Actions 16; Go 1,752; Maven 4,982; npm 3,516; NuGet 609; pip 3,090; Pub 10; RubyGems 832; Rust 782; Swift 34
Unreviewed advisories: All unreviewed 5,000+
10,421 advisories
Insufficient verification vulnerability in the system sharing pop-up module. Impact: Successful... [Low, Unreviewed] CVE-2024-32989 was published May 14, 2024
A Segmentation Fault issue discovered in Samsung Open Source Escargot JavaScript engine ... [Moderate, Unreviewed] CVE-2024-32672 was published May 14, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ... [Unknown, Unreviewed] CVE-2024-2257 was published May 14, 2024
When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are... [High, Unreviewed] CVE-2024-25581 was published May 14, 2024
Incomplete fix for CVE-2024-1929. The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon... [High, Unreviewed] CVE-2024-2746 was published May 8, 2024
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a... [High, Unreviewed] CVE-2024-1929 was published May 8, 2024
An improper authorization level has been detected in the login panel. It may lead to... [Moderate, Unreviewed] CVE-2023-7240 was published May 7, 2024
Memory corruption when the channel ID passed by user is not validated and further used. [High, Unreviewed] CVE-2024-21476 was published May 6, 2024
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... [Critical, Unreviewed] CVE-2024-4547 was published May 6, 2024
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... [Critical, Unreviewed] CVE-2024-4548 was published May 6, 2024
In preloader, there is a possible escalation of privilege due to an insecure default value. This... [Unknown, Unreviewed] CVE-2024-20056 was published May 6, 2024
In wlan service, there is a possible out of bounds write due to improper input validation. This... [Unknown, Unreviewed] CVE-2024-20064 was published May 6, 2024
LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This... [High, Unreviewed] CVE-2023-40515 was published May 3, 2024
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service... [Moderate, Unreviewed] CVE-2023-32170 was published May 3, 2024
An Improper input validation vulnerability that could potentially lead to privilege escalation... [Critical, Unreviewed] CVE-2024-4142 was published May 1, 2024
Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation [High] CVE-2023-36821 was published for uptime-kuma (npm) May 1, 2024
Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in... [Moderate, Unreviewed] CVE-2024-28979 was published May 1, 2024
vyper performs incorrect topic logging in raw_log [Moderate] CVE-2024-32645 was published for vyper (pip) Apr 25, 2024
vyper performs double eval of the slice start/length args in certain cases [Moderate] CVE-2024-32646 was published for vyper (pip) Apr 25, 2024
Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability... [Moderate, Unreviewed] CVE-2024-4175 was published Apr 25, 2024
A crafted response from an upstream server the recursor has been configured to forward-recurse to... [High, Unreviewed] CVE-2024-25583 was published Apr 25, 2024
Heketi Arbitrary Code Execution [High] CVE-2017-15103 was published for github.com/heketi/heketi (Go) Apr 24, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4, contains a Path Traversal vulnerability in... [Low, Unreviewed] CVE-2024-28977 was published Apr 24, 2024
Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API... [High, Unreviewed] CVE-2024-28976 was published Apr 24, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin [Low] CVE-2024-3177 was published for k8s.io/kubernetes (Go) Apr 23, 2024
ProTip! Advisories are also available from the GraphQL API