Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,421 advisories

Loading
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
A Segmentation Fault issue discovered in Samsung Open Source Escargot JavaScript engine ... Moderate Unreviewed
CVE-2024-32672 was published May 14, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ... Unknown Unreviewed
CVE-2024-2257 was published May 14, 2024
When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are... High Unreviewed
CVE-2024-25581 was published May 14, 2024
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon... High Unreviewed
CVE-2024-2746 was published May 8, 2024
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a... High Unreviewed
CVE-2024-1929 was published May 8, 2024
 An improper authorization level has been detected in the login panel. It may lead to... Moderate Unreviewed
CVE-2023-7240 was published May 7, 2024
Memory corruption when the channel ID passed by user is not validated and further used. High Unreviewed
CVE-2024-21476 was published May 6, 2024
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed
CVE-2024-4547 was published May 6, 2024
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed
CVE-2024-4548 was published May 6, 2024
In preloader, there is a possible escalation of privilege due to an insecure default value. This... Unknown Unreviewed
CVE-2024-20056 was published May 6, 2024
In wlan service, there is a possible out of bounds write due to improper input validation. This... Unknown Unreviewed
CVE-2024-20064 was published May 6, 2024
LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This... High Unreviewed
CVE-2023-40515 was published May 3, 2024
Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service... Moderate Unreviewed
CVE-2023-32170 was published May 3, 2024
An Improper input validation vulnerability that could potentially lead to privilege escalation... Critical Unreviewed
CVE-2024-4142 was published May 1, 2024
Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation High
CVE-2023-36821 was published for uptime-kuma (npm) May 1, 2024
n-thumann
Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in... Moderate Unreviewed
CVE-2024-28979 was published May 1, 2024
vyper performs incorrect topic logging in raw_log Moderate
CVE-2024-32645 was published for vyper (pip) Apr 25, 2024
chen-robert
vyper performs double eval of the slice start/length args in certain cases Moderate
CVE-2024-32646 was published for vyper (pip) Apr 25, 2024
cyberthirst
Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability... Moderate Unreviewed
CVE-2024-4175 was published Apr 25, 2024
A crafted response from an upstream server the recursor has been configured to forward-recurse to... High Unreviewed
CVE-2024-25583 was published Apr 25, 2024
Heketi Arbitrary Code Execution High
CVE-2017-15103 was published for github.com/heketi/heketi (Go) Apr 24, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API... High Unreviewed
CVE-2024-28976 was published Apr 24, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Low
CVE-2024-3177 was published for k8s.io/kubernetes (Go) Apr 23, 2024
ProTip! Advisories are also available from the GraphQL API