GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,198
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,702
NuGet: 660
pip: 3,328
Pub: 11
RubyGems: 883
Rust: 843
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
4,830 advisories
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information...
  Moderate | Unreviewed | CVE-2024-22338 was published May 31, 2024
Moodle broken access control when setting calendar event type
  Moderate | CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024
Missing security headers in Action Pack on non-HTML responses
  Moderate | CVE-2024-28103 was published for actionpack (RubyGems) Jun 4, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
  Moderate | Unreviewed | CVE-2024-23669 was published Jun 5, 2024
A vulnerability in the web-based management interface of Cisco Finesse could allow an...
  Moderate | Unreviewed | CVE-2024-20405 was published Jun 5, 2024
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally...
  Moderate | Unreviewed | CVE-2024-32856 was published Jun 13, 2024
Apache Superset server arbitrary file read
  Moderate | CVE-2024-34693 was published for apache-superset (pip) Jun 20, 2024
There is an insufficient input validation vulnerability in the Warehouse component of Absolute...
  Moderate | Unreviewed | CVE-2024-37346 was published Jun 20, 2024
Lightning Network Daemon (LND)'s onion processing logic leads to a denial of service
  Moderate | CVE-2024-38359 was published for github.com/lightningnetwork/lnd (Go) Jun 20, 2024
Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited...
  Moderate | Unreviewed | CVE-2024-3036 was published Jun 21, 2024
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter...
  Moderate | Unreviewed | CVE-2024-6239 was published Jun 21, 2024
Arbitrary File Creation in opencart
  Moderate | CVE-2024-21519 was published for opencart/opencart (Composer) Jun 22, 2024
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious...
  Moderate | Unreviewed | CVE-2024-0158 was published Jul 2, 2024
github.com/google/nftables IP addresses were encoded in the wrong byte order
  Moderate | CVE-2024-6284 was published for github.com/google/nftables (Go) Jul 4, 2024
Microsoft Windows Codecs Library Information Disclosure Vulnerability
  Moderate | Unreviewed | CVE-2024-38055 was published Jul 9, 2024
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
  Moderate | Unreviewed | CVE-2024-38105 was published Jul 9, 2024
A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile...
  Moderate | Unreviewed | CVE-2024-27386 was published Jul 9, 2024
A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile...
  Moderate | Unreviewed | CVE-2024-27385 was published Jul 9, 2024
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an...
  Moderate | Unreviewed | CVE-2024-5913 was published Jul 10, 2024
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper...
  Moderate | Unreviewed | CVE-2024-39513 was published Jul 11, 2024
An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper...
  Moderate | Unreviewed | CVE-2024-39511 was published Jul 11, 2024
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a...
  Moderate | Unreviewed | CVE-2024-27241 was published Jul 15, 2024
Improper input validation in the installer for Zoom Workplace Desktop App for Windows before...
  Moderate | Unreviewed | CVE-2024-39827 was published Jul 15, 2024
Apache CXF Denial of Service vulnerability in JOSE
  Moderate | CVE-2024-32007 was published for org.apache.cxf:cxf-rt-rs-security-jose (Maven) Jul 19, 2024
Apache Syncope Improper Input Validation vulnerability
  Moderate | CVE-2024-38503 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui (Maven) Jul 22, 2024
ProTip! Advisories are also available from the GraphQL API.