Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,622 advisories

Loading
TYPO3 vulnerable to an HTML Injection in the History Module Low
CVE-2024-34355 was published for typo3/cms-core (Composer) May 14, 2024
andreaskienast bnf
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Low Unreviewed
CVE-2024-33583 was published May 14, 2024
A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36... Low Unreviewed
CVE-2024-32637 was published May 14, 2024
SAP Bank Account Management does not perform necessary authorization check for an authorized user... Low Unreviewed
CVE-2024-33000 was published May 14, 2024
PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an... Low Unreviewed
CVE-2024-33007 was published May 14, 2024
Memory handling issue in editcap could cause denial of service via crafted capture file Low Unreviewed
CVE-2024-4853 was published May 14, 2024
Use after free issue in editcap could cause denial of service via crafted capture file Low Unreviewed
CVE-2024-4855 was published May 14, 2024
Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an... Low Unreviewed
CVE-2024-4317 was published May 14, 2024
Duplicate Advisory: AVideo cross-site scripting vulnerability in the view/about.php page Low
GHSA-qvwg-c35p-rqhj was published for wwbn/avideo (Composer) May 14, 2024 withdrawn
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow an authenticated user to upload... Low Unreviewed
CVE-2023-47711 was published May 14, 2024
Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459 Low
GHSA-r95h-9x8f-r3f7 was published for nokogiri (RubyGems) May 13, 2024
CommanderStorm postmodern
octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage Low
CVE-2024-34079 was published for github.com/octo-sts/app (Go) May 13, 2024
enj
Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel Low
CVE-2024-34349 was published for sylius/sylius (Composer) May 10, 2024
thelounge may publicly disclose of all usernames/idents via port 113 Low
GHSA-g49q-jw42-6x85 was published for thelounge (npm) May 9, 2024
Juerd
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage... Low Unreviewed
CVE-2024-28971 was published May 8, 2024
Dell PowerProtect DM5500 version 5.15.0.0 and prior contains an insecure deserialization... Low Unreviewed
CVE-2024-22460 was published May 8, 2024
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34999 was published May 8, 2024
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-35000 was published May 8, 2024
Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2022-43652 was published May 8, 2024
BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-35001 was published May 8, 2024
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2022-43656 was published May 8, 2024
Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure... Low Unreviewed
CVE-2021-34970 was published May 8, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34969 was published May 8, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2021-34972 was published May 8, 2024
ProTip! Advisories are also available from the GraphQL API