GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
513 advisories
Filter by severity
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker...
Low
Unreviewed
CVE-2024-47486
was published
Oct 18, 2024
NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line...
Low
Unreviewed
CVE-2024-0123
was published
Oct 3, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on...
Low
Unreviewed
CVE-2023-6950
was published
Apr 2, 2024
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low
Unreviewed
CVE-2023-49578
was published
Dec 12, 2023
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low
Unreviewed
CVE-2023-32114
was published
Jun 13, 2023
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted...
Low
Unreviewed
CVE-2024-8443
was published
Sep 10, 2024
A privacy issue was addressed by moving sensitive data to a protected location. This issue is...
Low
Unreviewed
CVE-2024-40838
was published
Sep 17, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,...
Low
Unreviewed
CVE-2024-27125
was published
Sep 6, 2024
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject...
Low
Unreviewed
CVE-2024-38858
was published
Sep 2, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
“socket” module provides a pure...
Low
Unreviewed
CVE-2024-3219
was published
Jul 30, 2024
Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7722
was published
Aug 21, 2024
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize...
Low
Unreviewed
CVE-2023-20513
was published
Aug 13, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-41731
was published
Aug 13, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-28166
was published
Aug 13, 2024
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not...
Low
Unreviewed
CVE-2024-5445
was published
Aug 12, 2024
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user...
Low
Unreviewed
CVE-2024-31870
was published
Jun 15, 2024
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Low
Unreviewed
CVE-2024-40777
was published
Jul 30, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site...
Low
Unreviewed
CVE-2024-6620
was published
Jul 29, 2024
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows...
Low
Unreviewed
CVE-2020-1464
was published
May 24, 2022
A vulnerability has been identified in Node.js, affecting users of the experimental permission...
Low
Unreviewed
CVE-2024-22018
was published
Jul 10, 2024
A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled...
Low
Unreviewed
CVE-2024-6501
was published
Jul 9, 2024
The Premium Addons for Elementor plugin for WordPress is vulnerable to Regular Expression Denial...
Low
Unreviewed
CVE-2024-6434
was published
Jul 4, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote...
Low
Unreviewed
CVE-2024-36257
was published
Jul 3, 2024
An Unverified Password Change could allow a malicious actor with API access to the device to...
Low
Unreviewed
CVE-2024-29208
was published
May 7, 2024
ProTip!
Advisories are also available from the
GraphQL API