Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

95,326 advisories

Loading
In da, there is a possible permission bypass due to a missing permission check. This could lead... High Unreviewed
CVE-2024-20005 was published Mar 4, 2024
In da, there is a possible out of bounds write due to improper input validation. This could lead... High Unreviewed
CVE-2024-20027 was published Mar 4, 2024
A directory listing vulnerability in Customer Support System v1 allows attackers to list... High Unreviewed
CVE-2023-49979 was published Mar 21, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has... High Unreviewed
CVE-2024-7441 was published Aug 3, 2024
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied... High Unreviewed
CVE-2024-2053 was published Mar 21, 2024
Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an... High Unreviewed
CVE-2024-2915 was published Mar 26, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and... High Unreviewed
CVE-2024-7439 was published Aug 3, 2024
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker... High Unreviewed
CVE-2023-40290 was published Mar 27, 2024
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66... High Unreviewed
CVE-2023-40289 was published Mar 27, 2024
Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a... High Unreviewed
CVE-2024-33787 was published May 3, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533... High Unreviewed
CVE-2024-7005 was published Aug 6, 2024
A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer,... High Unreviewed
CVE-2024-7502 was published Aug 6, 2024
Anti-tampering can be disabled under certain conditions without signature validation. This... High Unreviewed
CVE-2024-23456 was published Aug 6, 2024
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command... High Unreviewed
CVE-2024-23483 was published Aug 6, 2024
While copying individual autoupdater log files, reparse point check was missing which could... High Unreviewed
CVE-2024-23458 was published Aug 6, 2024
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin... High Unreviewed
CVE-2024-23464 was published Aug 6, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive... High Unreviewed
CVE-2024-31916 was published Jun 27, 2024
The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2,... High Unreviewed
CVE-2024-33844 was published May 3, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-28675 was published Mar 13, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the... High Unreviewed
CVE-2024-28431 was published Mar 13, 2024
Nuxt vulnerable to remote code execution via the browser when running the test locally High
CVE-2024-34344 was published for nuxt (npm) Aug 5, 2024
Ry0taK
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of... High Unreviewed
CVE-2024-41686 was published Jul 26, 2024
Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver... High Unreviewed
CVE-2024-41995 was published Aug 6, 2024
ProTip! Advisories are also available from the GraphQL API