Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,505 advisories

Loading
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533... High Unreviewed
CVE-2024-7005 was published Aug 6, 2024
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533... Unknown Unreviewed
CVE-2024-7004 was published Aug 6, 2024
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command... High Unreviewed
CVE-2024-23483 was published Aug 6, 2024
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7... Critical Unreviewed
CVE-2024-6915 was published Aug 5, 2024
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite... Moderate Unreviewed
CVE-2024-21978 was published Aug 5, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not... High Unreviewed
CVE-2024-40720 was published Aug 2, 2024
A vulnerability has been identified in Omnivise T3000 Application Server (All versions). The... High Unreviewed
CVE-2024-38879 was published Aug 2, 2024
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not... High Unreviewed
CVE-2024-40721 was published Aug 2, 2024
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type. Critical Unreviewed
CVE-2024-42458 was published Aug 2, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting Low
CVE-2024-4353 was published for concrete5/concrete5 (Composer) Aug 1, 2024
Improper Input Validation of query search results for private field data in PingIDM OPENIDM ... Low Unreviewed
CVE-2024-23600 was published Aug 1, 2024
A path hijacking vulnerability was reported in Lenovo Driver Manager prior to version 3.1.1307... High Unreviewed
CVE-2023-1577 was published Jul 31, 2024
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow... Moderate Unreviewed
CVE-2017-3772 was published Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows OS Command... High Unreviewed
CVE-2024-6973 was published Jul 31, 2024
Improper Input Validation vulnerability in Cato Networks SDP Client on Windows allows Command... Moderate Unreviewed
CVE-2024-6978 was published Jul 31, 2024
Weave server API vulnerable to arbitrary file leak High
CVE-2024-7340 was published for weave (pip) Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data... High Unreviewed
CVE-2024-39950 was published Jul 31, 2024
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data... High Unreviewed
CVE-2024-39944 was published Jul 31, 2024
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data... High Unreviewed
CVE-2024-39948 was published Jul 31, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions Low
CVE-2024-41945 was published for @fuel-ts/account (npm) Jul 30, 2024
Torres-ssf danielbate
Dhaiwat10 petertonysmith94 maschad arboleya
The AIomatic - Automatic AI Content Writer for WordPress is vulnerable to arbitrary email sending... Moderate Unreviewed
CVE-2024-5969 was published Jul 27, 2024
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards... High Unreviewed
CVE-2023-38522 was published Jul 26, 2024
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed
CVE-2024-35161 was published Jul 26, 2024
Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force... Unknown Unreviewed
CVE-2024-35296 was published Jul 26, 2024
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name &... Unknown Unreviewed
CVE-2024-25090 was published Jul 26, 2024
ProTip! Advisories are also available from the GraphQL API