Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

304 advisories

Loading
Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling Moderate
CVE-2024-39832 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct... High Unreviewed
CVE-2024-42224 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise... High Unreviewed
CVE-2024-42159 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of... High Unreviewed
CVE-2024-42160 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped... High Unreviewed
CVE-2024-42162 was published Jul 30, 2024
XMP Toolkit's `XmpFile::close` can trigger undefined behavior Low
GHSA-66fw-43h8-f8p3 was published for xmp_toolkit (Rust) Jul 26, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management... High Unreviewed
CVE-2024-39530 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked... High Unreviewed
CVE-2024-39545 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39540 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39535 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39519 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... Moderate Unreviewed
CVE-2024-39561 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of... High Unreviewed
CVE-2024-39559 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address... High Unreviewed
CVE-2024-39517 was published Jul 11, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39869 was published Jul 9, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-21586 was published Jul 1, 2024
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error... Moderate Unreviewed
CVE-2024-36481 was published Jun 21, 2024
socket.io has an unhandled 'error' event High
CVE-2024-38355 was published for socket.io (npm) Jun 19, 2024
Y0ursTruly
LNbits improperly handles potential network and payment failures when using Eclair backend High
CVE-2024-34694 was published for lnbits (pip) Jun 17, 2024
Semisol fishcakeday
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not... High Unreviewed
CVE-2024-38461 was published Jun 16, 2024
Directus is soft-locked by providing a string value to random string util High
CVE-2024-36128 was published for directus (npm) Jun 4, 2024
Zehir
Tor Arti's STUB circuits incorrectly have a length of 2 High
CVE-2024-35312 was published for arti (Rust) May 18, 2024
Tor path lengths too short when "full Vanguards" configured Moderate
CVE-2024-35313 was published for arti (Rust) May 18, 2024
Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an... Low Unreviewed
CVE-2023-38420 was published May 16, 2024
Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX High
CVE-2024-34360 was published for github.com/spacemeshos/api (Go) May 10, 2024
ProTip! Advisories are also available from the GraphQL API