GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,067 advisories
Filter by severity
Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter...
Low
Unreviewed
CVE-2024-56512
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1822
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1823
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1821
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1824
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1820
was published
Dec 28, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1818
was published
Dec 27, 2024
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common...
Low
Unreviewed
CVE-2020-1819
was published
Dec 27, 2024
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could...
Low
Unreviewed
CVE-2020-9081
was published
Dec 27, 2024
There is an information vulnerability in Huawei smartphones. A function in a module can be called...
Low
Unreviewed
CVE-2020-9089
was published
Dec 27, 2024
There is an information disclosure vulnerability in several smartphones. The system has a logic...
Low
Unreviewed
CVE-2020-9082
was published
Dec 27, 2024
Some Honor products are affected by information leak vulnerability, successful exploitation could...
Low
Unreviewed
CVE-2024-47150
was published
Dec 26, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2024-47149
was published
Dec 26, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2024-47157
was published
Dec 26, 2024
Some Honor products are affected by information leak vulnerability, successful exploitation could...
Low
Unreviewed
CVE-2024-47156
was published
Dec 26, 2024
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g.,...
Low
Unreviewed
CVE-2024-56433
was published
Dec 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were...
Low
Unreviewed
CVE-2023-5117
was published
Dec 25, 2024
Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber...
Low
Unreviewed
CVE-2024-55539
was published
Dec 23, 2024
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer...
Low
Unreviewed
CVE-2024-12014
was published
Dec 20, 2024
There is an insufficient authentication vulnerability in some Huawei smart phone. An...
Low
Unreviewed
CVE-2020-9250
was published
Dec 20, 2024
A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin ...
Low
Unreviewed
CVE-2024-9101
was published
Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote...
Low
Unreviewed
CVE-2024-49820
was published
Dec 17, 2024
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An...
Low
Unreviewed
CVE-2024-42194
was published
Dec 17, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in...
Low
Unreviewed
CVE-2024-9654
was published
Dec 17, 2024
Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android...
Low
Unreviewed
CVE-2024-54125
was published
Dec 17, 2024
ProTip!
Advisories are also available from the
GraphQL API