GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,769 advisories
Filter by severity
Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same...
Low
Unreviewed
CVE-2024-37664
was published
Jun 17, 2024
An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to...
Low
Unreviewed
CVE-2024-31047
was published
Apr 9, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the...
Low
Unreviewed
CVE-2022-46498
was published
Mar 7, 2024
An arbitrary file deletion vulnerability in ThinkSAAS v3.7 allows attackers to delete arbitrary...
Low
Unreviewed
CVE-2024-40455
was published
Jul 16, 2024
Dell iDRAC Service Module version 5.3.0.0 and prior contains Out of bound write Vulnerability. A...
Low
Unreviewed
CVE-2024-38489
was published
Aug 1, 2024
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`
Low
CVE-2024-41124
was published
for
puncia
(pip)
Jul 19, 2024
zenml-io/zenml does not expire the session after password reset
Low
CVE-2024-4680
was published
for
zenml
(pip)
Jun 8, 2024
Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1...
Low
Unreviewed
CVE-2024-4187
was published
Jul 31, 2024
A denial-of-service vulnerability could allow an authenticated user to trigger an internal...
Low
Unreviewed
CVE-2022-4003
was published
Jul 31, 2024
DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high...
Low
Unreviewed
CVE-2024-37135
was published
Jul 31, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions
Low
CVE-2024-41945
was published
for
@fuel-ts/account
(npm)
Jul 30, 2024
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML...
Low
Unreviewed
CVE-2024-5250
was published
Jul 30, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could...
Low
Unreviewed
CVE-2022-33167
was published
Jul 30, 2024
When a protocol selection parameter option disables all protocols without adding any then the...
Low
Unreviewed
CVE-2024-2004
was published
Mar 27, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site...
Low
Unreviewed
CVE-2024-6620
was published
Jul 29, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a...
Low
Unreviewed
CVE-2024-4786
was published
Jul 26, 2024
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows...
Low
Unreviewed
CVE-2020-1464
was published
May 24, 2022
XMP Toolkit's `XmpFile::close` can trigger undefined behavior
Low
GHSA-66fw-43h8-f8p3
was published
for
xmp_toolkit
(Rust)
Jul 26, 2024
The kstring integration in gix-attributes is unsound
Low
GHSA-cx7h-h87r-jpgr
was published
for
gix-attributes
(Rust)
Jul 25, 2024
In affected versions of Octopus Server under certain conditions, a user with specific role...
Low
Unreviewed
CVE-2024-4811
was published
Jul 25, 2024
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all...
Low
Unreviewed
CVE-2024-7060
was published
Jul 25, 2024
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior...
Low
Unreviewed
CVE-2024-0231
was published
Jul 25, 2024
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user...
Low
Unreviewed
CVE-2024-37533
was published
Jul 24, 2024
There is a low severity open redirect vulnerability within affected versions of Bitbucket Data...
Low
Unreviewed
CVE-2024-21684
was published
Jul 24, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the...
Low
Unreviewed
CVE-2024-3454
was published
Jul 24, 2024
ProTip!
Advisories are also available from the
GraphQL API