Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

90,164 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix... High Unreviewed
CVE-2024-46758 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix... High Unreviewed
CVE-2024-46757 was published Sep 18, 2024
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).  This... High Unreviewed
CVE-2024-42323 was published Sep 21, 2024
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request... High Unreviewed
CVE-2024-47220 was published Sep 22, 2024
In the Linux kernel, the following vulnerability has been resolved: ila: call... High Unreviewed
CVE-2024-46782 was published Sep 18, 2024
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role)... High Unreviewed
CVE-2024-47210 was published Sep 22, 2024
OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at... High Unreviewed
CVE-2023-43907 was published Oct 1, 2023
In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix... High Unreviewed
CVE-2024-46756 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: ice: move... High Unreviewed
CVE-2024-46766 was published Sep 18, 2024
In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix... High Unreviewed
CVE-2024-46759 was published Sep 18, 2024
A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1... High Unreviewed
CVE-2024-41228 was published Sep 23, 2024
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-23934 was published Sep 23, 2024
In wlan firmware, there is a possible firmware assertion due to improper input handling. This... High Unreviewed
CVE-2023-32820 was published Oct 2, 2023
Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in... High Unreviewed
CVE-2022-35908 was published Sep 29, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... High Unreviewed
CVE-2022-39422 was published Oct 19, 2022
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder. High Unreviewed
CVE-2024-46648 was published Sep 20, 2024
Securepoint UTM before 12.6.5 mishandles OTP codes. High Unreviewed
CVE-2024-39340 was published Jul 12, 2024
eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder. High Unreviewed
CVE-2024-46649 was published Sep 20, 2024
eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files. High Unreviewed
CVE-2024-46645 was published Sep 20, 2024
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a... High Unreviewed
CVE-2023-36628 was published Oct 3, 2023
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP... High Unreviewed
CVE-2022-2277 was published Sep 15, 2022
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-7835 was published Sep 23, 2024
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization... High Unreviewed
CVE-2024-7015 was published Sep 9, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side... High Unreviewed
CVE-2024-43989 was published Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of... High Unreviewed
CVE-2024-46725 was published Sep 18, 2024
ProTip! Advisories are also available from the GraphQL API