Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

121,360 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check... Moderate Unreviewed
CVE-2024-46773 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free... Moderate Unreviewed
CVE-2024-46779 was published Sep 18, 2024
YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient... Moderate Unreviewed
CVE-2024-7846 was published Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach... Moderate Unreviewed
CVE-2024-46770 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check... Moderate Unreviewed
CVE-2024-46772 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw... Moderate Unreviewed
CVE-2024-46799 was published Sep 18, 2024
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser... Moderate Unreviewed
CVE-2024-8652 was published Sep 19, 2024
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that... Moderate Unreviewed
CVE-2024-8651 was published Sep 19, 2024
A stored cross-site scripting (XSS) vulnerability exists in NetBox 4.1.0 within the ... Moderate Unreviewed
CVE-2024-47226 was published Sep 22, 2024
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58... Moderate Unreviewed
CVE-2024-8907 was published Sep 17, 2024
In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in... Moderate Unreviewed
CVE-2024-46763 was published Sep 18, 2024
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a... Moderate Unreviewed
CVE-2024-8909 was published Sep 17, 2024
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via... Moderate Unreviewed
CVE-2024-46241 was published Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup... Moderate Unreviewed
CVE-2024-46781 was published Sep 18, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote... Moderate Unreviewed
CVE-2024-8908 was published Sep 17, 2024
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote... Moderate Unreviewed
CVE-2024-8906 was published Sep 17, 2024
In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible... Moderate Unreviewed
CVE-2024-46762 was published Sep 18, 2024
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser... Moderate Unreviewed
CVE-2024-8653 was published Sep 19, 2024
Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This... Moderate Unreviewed
CVE-2024-23933 was published Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule... Moderate Unreviewed
CVE-2024-46760 was published Sep 18, 2024
Cross-site Scripting in html5lib Moderate
CVE-2016-9910 was published for html5lib (pip) May 17, 2022
Cross-site Scripting in invenio-previewer Moderate
CVE-2019-1020019 was published for invenio-previewer (pip) Jul 16, 2019
Exposure of Sensitive Information to an Unauthorized Actor in httpie Moderate
CVE-2022-24737 was published for httpie (pip) Mar 7, 2022
Indico vulnerable to Cross-Site-Scripting via confirmation prompts Moderate
CVE-2023-37901 was published for indico (pip) Jul 21, 2023
ThiefMaster
Authorization Bypass in I hate money Moderate
CVE-2020-15120 was published for ihatemoney (pip) Jul 27, 2020
zorun
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database