Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,649
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

229,227 advisories

Loading
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS... Moderate Unreviewed
CVE-2024-23282 was published Jun 10, 2024
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Moderate Unreviewed
CVE-2024-27792 was published Jun 10, 2024
Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an... Moderate Unreviewed
CVE-2024-22279 was published Jun 10, 2024
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Arbitrary file deletion... Critical Unreviewed
CVE-2024-32167 was published Jun 10, 2024
An information disclosure issue was addressed by removing the vulnerable code. This issue is... Moderate Unreviewed
CVE-2022-32933 was published Jun 10, 2024
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS... High Unreviewed
CVE-2022-48578 was published Jun 10, 2024
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS... High Unreviewed
CVE-2022-32897 was published Jun 10, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS... High Unreviewed
CVE-2024-23299 was published Jun 10, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed
CVE-2024-37393 was published Jun 10, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2024-23251 was published Jun 10, 2024
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2022-48683 was published Jun 10, 2024
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Low Unreviewed
CVE-2024-27799 was published Jun 10, 2024
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1... Critical Unreviewed
CVE-2024-37051 was published Jun 10, 2024
Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack (XSS). An attacker... Moderate Unreviewed
CVE-2024-3850 was published Jun 10, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-35744 was published Jun 10, 2024
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode... Low Unreviewed
CVE-2024-35749 was published Jun 10, 2024
A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow... High Unreviewed
CVE-2024-5102 was published Jun 10, 2024
Fuji Electric Monitouch V-SFT is vulnerable to a type confusion, which could cause a crash or... High Unreviewed
CVE-2024-5597 was published Jun 10, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-35743 was published Jun 10, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-35754 was published Jun 10, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress... Critical Unreviewed
CVE-2024-35746 was published Jun 10, 2024
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form... Moderate Unreviewed
CVE-2024-35747 was published Jun 10, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed
CVE-2024-35728 was published Jun 10, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'... Moderate Unreviewed
CVE-2024-35680 was published Jun 10, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-35712 was published Jun 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database