Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,769 advisories

Loading
Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same... Low Unreviewed
CVE-2024-37664 was published Jun 17, 2024
An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to... Low Unreviewed
CVE-2024-31047 was published Apr 9, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the... Low Unreviewed
CVE-2022-46498 was published Mar 7, 2024
An arbitrary file deletion vulnerability in ThinkSAAS v3.7 allows attackers to delete arbitrary... Low Unreviewed
CVE-2024-40455 was published Jul 16, 2024
Dell iDRAC Service Module version 5.3.0.0 and prior contains Out of bound write Vulnerability. A... Low Unreviewed
CVE-2024-38489 was published Aug 1, 2024
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS` Low
CVE-2024-41124 was published for puncia (pip) Jul 19, 2024
SCH227 g147
zenml-io/zenml does not expire the session after password reset Low
CVE-2024-4680 was published for zenml (pip) Jun 8, 2024
Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1... Low Unreviewed
CVE-2024-4187 was published Jul 31, 2024
A denial-of-service vulnerability could allow an authenticated user to trigger an internal... Low Unreviewed
CVE-2022-4003 was published Jul 31, 2024
DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high... Low Unreviewed
CVE-2024-37135 was published Jul 31, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions Low
CVE-2024-41945 was published for @fuel-ts/account (npm) Jul 30, 2024
Torres-ssf danielbate
Dhaiwat10 petertonysmith94 maschad arboleya
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML... Low Unreviewed
CVE-2024-5250 was published Jul 30, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could... Low Unreviewed
CVE-2022-33167 was published Jul 30, 2024
When a protocol selection parameter option disables all protocols without adding any then the... Low Unreviewed
CVE-2024-2004 was published Mar 27, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site... Low Unreviewed
CVE-2024-6620 was published Jul 29, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a... Low Unreviewed
CVE-2024-4786 was published Jul 26, 2024
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows... Low Unreviewed
CVE-2020-1464 was published May 24, 2022
XMP Toolkit's `XmpFile::close` can trigger undefined behavior Low
GHSA-66fw-43h8-f8p3 was published for xmp_toolkit (Rust) Jul 26, 2024
The kstring integration in gix-attributes is unsound Low
GHSA-cx7h-h87r-jpgr was published for gix-attributes (Rust) Jul 25, 2024
In affected versions of Octopus Server under certain conditions, a user with specific role... Low Unreviewed
CVE-2024-4811 was published Jul 25, 2024
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all... Low Unreviewed
CVE-2024-7060 was published Jul 25, 2024
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior... Low Unreviewed
CVE-2024-0231 was published Jul 25, 2024
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user... Low Unreviewed
CVE-2024-37533 was published Jul 24, 2024
There is a low severity open redirect vulnerability within affected versions of Bitbucket Data... Low Unreviewed
CVE-2024-21684 was published Jul 24, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the... Low Unreviewed
CVE-2024-3454 was published Jul 24, 2024
ProTip! Advisories are also available from the GraphQL API