Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

353 advisories

Loading
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on... Low Unreviewed
CVE-2023-6950 was published Apr 2, 2024
Concrete CMS Stored XSS on the calendar color settings screen Low
CVE-2024-2753 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter Low
CVE-2024-3178 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Search Field Low
CVE-2024-3181 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing Low
CVE-2024-3179 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in blocks of type file Low
CVE-2024-3180 was published for concrete5/concrete5 (Composer) Apr 3, 2024
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2023-31028 was published Apr 5, 2024
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2024-0080 was published Apr 5, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Low
CVE-2024-3177 was published for k8s.io/kubernetes (Go) Apr 23, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an... Low Unreviewed
CVE-2023-43745 was published May 16, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26126 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26127 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-36226 was published Jun 13, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions Low
CVE-2024-41945 was published for @fuel-ts/account (npm) Jul 30, 2024
Torres-ssf danielbate
Dhaiwat10 petertonysmith94 maschad arboleya
Improper Input Validation of query search results for private field data in PingIDM OPENIDM ... Low Unreviewed
CVE-2024-23600 was published Aug 1, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting Low
CVE-2024-4353 was published for concrete5/concrete5 (Composer) Aug 1, 2024
Concrete CMS Stored XSS in getAttributeSetName Low
CVE-2024-7394 was published for concrete5/concrete5 (Composer) Aug 8, 2024
Concrete CMS Stored Cross-site Scripting vulnerability Low
CVE-2024-4350 was published for concrete5/concrete5 (Composer) Aug 12, 2024
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid... Low Unreviewed
CVE-2023-31366 was published Aug 13, 2024
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1... Low Unreviewed
CVE-2024-24973 was published Aug 14, 2024
Apache Druid: Users can provide MySQL JDBC properties not on allow list Low
CVE-2024-45537 was published for org.apache.druid:druid (Maven) Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database