GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
4,782 advisories
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
Moderate | Unreviewed | CVE-2024-0158 was published Jul 2, 2024

Arbitrary File Creation in opencart
Moderate | CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter...
Moderate | Unreviewed | CVE-2024-6239 was published Jun 21, 2024

Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited...
Moderate | Unreviewed | CVE-2024-3036 was published Jun 21, 2024

Lightning Network Daemon (LND)'s onion processing logic leads to a denial of service
Moderate | CVE-2024-38359 was published for github.com/lightningnetwork/lnd (Go) Jun 20, 2024

There is an insufficient input validation vulnerability in the Warehouse component of Absolute...
Moderate | Unreviewed | CVE-2024-37346 was published Jun 20, 2024

Apache Superset server arbitrary file read
Moderate | CVE-2024-34693 was published for apache-superset (pip) Jun 20, 2024

Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally...
Moderate | Unreviewed | CVE-2024-32856 was published Jun 13, 2024

Arbitrary file deletion in litellm
Moderate | CVE-2024-4888 was published for litellm (pip) Jun 6, 2024

A vulnerability in the web-based management interface of Cisco Finesse could allow an...
Moderate | Unreviewed | CVE-2024-20405 was published Jun 5, 2024

An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
Moderate | Unreviewed | CVE-2024-23669 was published Jun 5, 2024

Missing security headers in Action Pack on non-HTML responses
Moderate | CVE-2024-28103 was published for actionpack (RubyGems) Jun 4, 2024

Moodle ReCAPTCHA can be bypassed on the login page
Moderate | CVE-2024-34009 was published for moodle/moodle (Composer) May 31, 2024

Moodle broken access control when setting calendar event type
Moderate | CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024

IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information...
Moderate | Unreviewed | CVE-2024-22338 was published May 31, 2024

TYPO3 Brute Force Protection Bypass in backend login
Moderate | GHSA-jqr8-q455-xx45 was published for typo3/cms (Composer) May 30, 2024

Symfony has unsafe methods in the Request class
Moderate | CVE-2015-2309 was published for symfony/http-foundation (Composer) May 30, 2024

Symfony has a security issue when parsing the Authorization header
Moderate | CVE-2014-6061 was published for symfony/http-foundation (Composer) May 30, 2024

silverstripe/framework uploaded PHP script execution in assets
Moderate | GHSA-f43j-8hq4-2xj9 was published for silverstripe/framework (Composer) May 27, 2024

Improper input validation for some Intel(R) DLB driver software before version 8.5.0 may allow an...
Moderate | Unreviewed | CVE-2024-22015 was published May 16, 2024

Improper input validation in firmware for some Intel(R) FPGA products before version 2.9.1 may...
Moderate | Unreviewed | CVE-2024-22390 was published May 16, 2024

Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated...
Moderate | Unreviewed | CVE-2023-48368 was published May 16, 2024

Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before...
Moderate | Unreviewed | CVE-2023-47210 was published May 16, 2024

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may...
Moderate | Unreviewed | CVE-2023-47855 was published May 16, 2024

Improper input validation of EpsdSrMgmtConfig in UEFI firmware for some Intel(R) Server Board...
Moderate | Unreviewed | CVE-2023-22662 was published May 16, 2024
ProTip! Advisories are also available from the GraphQL API