GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,249
Erlang: 31
GitHub Actions: 21
Go: 2,018
Maven: 5,000+
npm: 3,723
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 857
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,007 advisories
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The...
Low | Unreviewed | CVE-2024-21105 was published Apr 17, 2024

Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php...
Low | Unreviewed | CVE-2024-53502 was published Dec 4, 2024

It was identified that in certain versions of Octopus Server, that a user created with no...
Low | Unreviewed | CVE-2024-4226 was published Apr 30, 2024

Vulnerability of null references in the motor module. Successful exploitation of this...
Low | Unreviewed | CVE-2023-52371 was published Feb 18, 2024

The Client secret is not checked when using the OAuth Password grant type. By exploiting this...
Low | Unreviewed | CVE-2024-12056 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of...
Low | Unreviewed | CVE-2024-54158 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project...
Low | Unreviewed | CVE-2024-54155 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible...
Low | Unreviewed | CVE-2024-54153 was published Dec 4, 2024

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can...
Low | Unreviewed | CVE-2024-53921 was published Dec 3, 2024

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low | Unreviewed | CVE-2024-21174 was published Jul 17, 2024

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which...
Low | Unreviewed | CVE-2024-7998 was published Aug 21, 2024

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1...
Low | Unreviewed | CVE-2023-42939 was published Feb 21, 2024

Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged...
Low | Unreviewed | CVE-2023-31307 was published Aug 13, 2024

Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk...
Low | Unreviewed | CVE-2024-38863 was published Oct 14, 2024

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported...
Low | Unreviewed | CVE-2024-20995 was published Apr 17, 2024

Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows...
Low | Unreviewed | CVE-2024-49414 was published Dec 3, 2024

Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows...
Low | Unreviewed | CVE-2024-49417 was published Dec 3, 2024

A security vulnerability in HPE IceWall products could be exploited remotely to cause...
Low | Unreviewed | CVE-2024-11856 was published Dec 2, 2024

Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse...
Low | Unreviewed | CVE-2023-37540 was published Feb 23, 2024

TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE:...
Low | Unreviewed | CVE-2023-46051 was published Mar 27, 2024

Multiple FCNT Android devices provide the original security features such as "privacy mode" where...
Low | Unreviewed | CVE-2024-53701 was published Nov 29, 2024

The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers...
Low | Unreviewed | CVE-2024-46939 was published Nov 28, 2024

The dynamic-widgets plugin before 1.5.11 for WordPress has XSS via the wp-admin/admin-ajax.php...
Low | Unreviewed | CVE-2015-9436 was published May 24, 2022

When exporting media types, the password is exported in the YAML in plain text. This appears to...
Low | Unreviewed | CVE-2024-36464 was published Nov 27, 2024

The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid...
Low | Unreviewed | CVE-2024-36468 was published Nov 27, 2024
ProTip! Advisories are also available from the GraphQL API.