Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Loading
Windows GDI Information Disclosure Vulnerability. High Unreviewed
CVE-2022-21904 was published Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915. High Unreviewed
CVE-2022-21880 was published Jan 12, 2022
Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a... High Unreviewed
CVE-2024-24985 was published Nov 13, 2024
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an... High Unreviewed
CVE-2023-34119 was published Jul 11, 2023
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download... High Unreviewed
CVE-2021-20124 was published May 24, 2022
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download... High Unreviewed
CVE-2021-20123 was published May 24, 2022
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted... High Unreviewed
CVE-2022-24975 was published Feb 12, 2022
Windows MSHTML Platform Spoofing Vulnerability High Unreviewed
CVE-2024-38112 was published Jul 9, 2024
Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an... High Unreviewed
CVE-2024-21813 was published May 16, 2024
A local attacker with low privileges can read and modify any users files and cause a DoS in the... High Unreviewed
CVE-2023-5751 was published Jun 4, 2024
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to... High Unreviewed
CVE-2024-3019 was published Mar 28, 2024
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23... High Unreviewed
CVE-2022-24309 was published Mar 9, 2022
Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate... High Unreviewed
CVE-2023-6096 was published Apr 26, 2024
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to... High Unreviewed
CVE-2023-26588 was published Apr 11, 2023
The Bluetooth module has a vulnerability in permission control for broadcast notifications... High Unreviewed
CVE-2023-44101 was published Oct 11, 2023
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ... High Unreviewed
CVE-2023-44122 was published Sep 27, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The... High Unreviewed
CVE-2023-43783 was published Sep 22, 2023
Vulnerability of input parameters being not strictly verified in the AMS module. Successful... High Unreviewed
CVE-2023-39383 was published Aug 13, 2023
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients'... High Unreviewed
CVE-2023-38830 was published Aug 10, 2023
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information... High Unreviewed
CVE-2023-38955 was published Aug 3, 2023
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe... High Unreviewed
CVE-2023-3670 was published Jul 28, 2023
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an... High Unreviewed
CVE-2022-46901 was published Jul 25, 2023
An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2023-37599 was published Jul 14, 2023
An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive... High Unreviewed
CVE-2023-31818 was published Jul 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database