Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

315 advisories

Loading
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an... Moderate Unreviewed
CVE-2024-7006 was published Aug 12, 2024
In wlan, there is a possible denial of service due to incorrect error handling. This could lead... High Unreviewed
CVE-2024-20089 was published Sep 2, 2024
An application can be configured to block boot attempts after consecutive tamper resets are... Low Unreviewed
CVE-2024-2502 was published Aug 30, 2024
In pq, there is a possible write-what-where condition due to an incorrect bounds check. This... Moderate Unreviewed
CVE-2024-20037 was published Mar 4, 2024
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to... Moderate Unreviewed
CVE-2024-42411 was published Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value... High Unreviewed
CVE-2024-42284 was published Aug 17, 2024
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed
CVE-2024-5469 was published Jun 14, 2024
Jenkins Remoting library arbitrary file read vulnerability Critical
CVE-2024-43044 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
CVE-2024-40619 IMPACT A denial-of-service vulnerability exists in the affected products. The... High Unreviewed
CVE-2024-40619 was published Aug 14, 2024
Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network... Moderate Unreviewed
CVE-2024-21806 was published Aug 14, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address... High Unreviewed
CVE-2024-39517 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of... High Unreviewed
CVE-2024-39559 was published Jul 11, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd)... Moderate Unreviewed
CVE-2024-39561 was published Jul 11, 2024
In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source... Critical Unreviewed
CVE-2024-42154 was published Jul 30, 2024
socket.io has an unhandled 'error' event High
CVE-2024-38355 was published for socket.io (npm) Jun 19, 2024
Y0ursTruly
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39869 was published Jul 9, 2024
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not... High Unreviewed
CVE-2024-38461 was published Jun 16, 2024
Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling Moderate
CVE-2024-39832 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-21586 was published Jul 1, 2024
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped... High Unreviewed
CVE-2024-42162 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct... High Unreviewed
CVE-2024-42224 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: f2fs: check validation of... High Unreviewed
CVE-2024-42160 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise... High Unreviewed
CVE-2024-42159 was published Jul 30, 2024
Insufficient validation when decoding a Socket.IO packet High
CVE-2023-32695 was published for socket.io-parser (npm) May 23, 2023
rafax00 darrachequesne
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-39519 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API