GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
95,326 advisories
In da, there is a possible permission bypass due to a missing permission check. This could lead...
High | Unreviewed | CVE-2024-20005 was published Mar 4, 2024

In da, there is a possible out of bounds write due to improper input validation. This could lead...
High | Unreviewed | CVE-2024-20027 was published Mar 4, 2024

A directory listing vulnerability in Customer Support System v1 allows attackers to list...
High | Unreviewed | CVE-2023-49979 was published Mar 21, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has...
High | Unreviewed | CVE-2024-7441 was published Aug 3, 2024

The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied...
High | Unreviewed | CVE-2024-2053 was published Mar 21, 2024

Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an...
High | Unreviewed | CVE-2024-2915 was published Mar 26, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and...
High | Unreviewed | CVE-2024-7439 was published Aug 3, 2024

An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker...
High | Unreviewed | CVE-2023-40290 was published Mar 27, 2024

A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66...
High | Unreviewed | CVE-2023-40289 was published Mar 27, 2024

Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a...
High | Unreviewed | CVE-2024-33787 was published May 3, 2024

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533...
High | Unreviewed | CVE-2024-7005 was published Aug 6, 2024

A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer,...
High | Unreviewed | CVE-2024-7502 was published Aug 6, 2024

Anti-tampering can be disabled under certain conditions without signature validation. This...
High | Unreviewed | CVE-2024-23456 was published Aug 6, 2024

An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command...
High | Unreviewed | CVE-2024-23483 was published Aug 6, 2024

While copying individual autoupdater log files, reparse point check was missing which could...
High | Unreviewed | CVE-2024-23458 was published Aug 6, 2024

In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin...
High | Unreviewed | CVE-2024-23464 was published Aug 6, 2024

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
High | Unreviewed | CVE-2024-41616 was published Aug 6, 2024

IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High | Unreviewed | CVE-2024-31916 was published Jun 27, 2024

The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2,...
High | Unreviewed | CVE-2024-33844 was published May 3, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-28675 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the...
High | Unreviewed | CVE-2024-28431 was published Mar 13, 2024

Nuxt vulnerable to remote code execution via the browser when running the test locally
High | CVE-2024-34344 was published for nuxt (npm) Aug 5, 2024

Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through...
High | Unreviewed | CVE-2024-38856 was published Aug 5, 2024

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of...
High | Unreviewed | CVE-2024-41686 was published Jul 26, 2024

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver...
High | Unreviewed | CVE-2024-41995 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API.