GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,642 advisories
Filter by severity
Concrete CMS Stored Cross-site Scripting vulnerability
Low
CVE-2024-4350
was published
for
concrete5/concrete5
(Composer)
Aug 12, 2024
Apache DolphinScheduler: Resource File Read And Write Vulnerability
High
CVE-2024-30188
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Aug 12, 2024
Apache DolphinScheduler: RCE by arbitrary js execution
High
CVE-2024-29831
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Aug 12, 2024
Concrete CMS Stored XSS in getAttributeSetName
Low
CVE-2024-7394
was published
for
concrete5/concrete5
(Composer)
Aug 8, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-6254
was published
Aug 8, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533...
High
Unreviewed
CVE-2024-7005
was published
Aug 6, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533...
Moderate
Unreviewed
CVE-2024-7004
was published
Aug 6, 2024
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command...
High
Unreviewed
CVE-2024-23483
was published
Aug 6, 2024
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7...
Critical
Unreviewed
CVE-2024-6915
was published
Aug 5, 2024
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite...
Moderate
Unreviewed
CVE-2024-21978
was published
Aug 5, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). The...
High
Unreviewed
CVE-2024-38879
was published
Aug 2, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not...
High
Unreviewed
CVE-2024-40721
was published
Aug 2, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not...
High
Unreviewed
CVE-2024-40720
was published
Aug 2, 2024
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type.
Critical
Unreviewed
CVE-2024-42458
was published
Aug 2, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting
Low
CVE-2024-4353
was published
for
concrete5/concrete5
(Composer)
Aug 1, 2024
Improper Input Validation of query search results for private field data in PingIDM OPENIDM ...
Low
Unreviewed
CVE-2024-23600
was published
Aug 1, 2024
A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307...
High
Unreviewed
CVE-2023-1577
was published
Jul 31, 2024
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow...
Moderate
Unreviewed
CVE-2017-3772
was published
Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows Command...
Moderate
Unreviewed
CVE-2024-6978
was published
Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows OS Command...
High
Unreviewed
CVE-2024-6973
was published
Jul 31, 2024
Weave server API vulnerable to arbitrary file leak
High
CVE-2024-7340
was published
for
weave
(pip)
Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data...
High
Unreviewed
CVE-2024-39950
was published
Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data...
High
Unreviewed
CVE-2024-39948
was published
Jul 31, 2024
A vulnerability has been found in Dahua products.Attackers
can send carefully crafted data...
High
Unreviewed
CVE-2024-39944
was published
Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data...
High
Unreviewed
CVE-2024-39949
was published
Jul 31, 2024
ProTip!
Advisories are also available from the
GraphQL API