Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

797 advisories

Loading
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This... Critical Unreviewed
CVE-2024-7591 was published Sep 5, 2024
An issue in Vypor Attack API System v.1.0 allows a remote attacker to execute arbitrary code via... Critical Unreviewed
CVE-2024-44808 was published Sep 4, 2024
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0,... Critical Unreviewed
CVE-2024-44809 was published Sep 4, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... Critical Unreviewed
CVE-2024-7988 was published Aug 26, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application... Critical Unreviewed
CVE-2024-8073 was published Aug 26, 2024
Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live... Critical Unreviewed
CVE-2024-42531 was published Aug 23, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45167 was published Aug 22, 2024
Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-21810 was published Aug 14, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... Critical Unreviewed
CVE-2024-41940 was published Aug 13, 2024
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7... Critical Unreviewed
CVE-2024-6915 was published Aug 5, 2024
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type. Critical Unreviewed
CVE-2024-42458 was published Aug 2, 2024
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed
CVE-2024-35161 was published Jul 26, 2024
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.... Critical Unreviewed
CVE-2024-23469 was published Jul 17, 2024
Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on... Critical Unreviewed
CVE-2024-6298 was published Jul 5, 2024
Under certain circumstances the web interface will accept characters unrelated to the expected... Critical Unreviewed
CVE-2024-32755 was published Jul 2, 2024
Inadequate input validation exposes the system to potential remote code execution (RCE) risks.... Critical Unreviewed
CVE-2023-41917 was published Jul 2, 2024
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify... Critical Unreviewed
CVE-2024-5276 was published Jun 25, 2024
An improper input validation vulnerability was discovered in Avaya IP Office that could allow... Critical Unreviewed
CVE-2024-4196 was published Jun 25, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... Critical Unreviewed
CVE-2024-34108 was published Jun 13, 2024
An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0,... Critical Unreviewed
CVE-2024-35213 was published Jun 11, 2024
Authentication bypass in dtale Critical
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow.... Critical Unreviewed
CVE-2024-5171 was published Jun 5, 2024
qdrant input validation failure Critical
CVE-2024-3829 was published for qdrant-client (pip) Jun 3, 2024
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint Critical
CVE-2024-3584 was published for qdrant (Rust) Jun 2, 2024
In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command... Critical Unreviewed
CVE-2024-36053 was published May 19, 2024
ProTip! Advisories are also available from the GraphQL API