GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
90,164 advisories
In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix...
High | Unreviewed | CVE-2024-46758 was published Sep 18, 2024

In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix...
High | Unreviewed | CVE-2024-46757 was published Sep 18, 2024

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating). This...
High | Unreviewed | CVE-2024-42323 was published Sep 21, 2024

An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request...
High | Unreviewed | CVE-2024-47220 was published Sep 22, 2024

In the Linux kernel, the following vulnerability has been resolved: ila: call...
High | Unreviewed | CVE-2024-46782 was published Sep 18, 2024

Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role)...
High | Unreviewed | CVE-2024-47210 was published Sep 22, 2024

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at...
High | Unreviewed | CVE-2023-43907 was published Oct 1, 2023

In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix...
High | Unreviewed | CVE-2024-46756 was published Sep 18, 2024

In the Linux kernel, the following vulnerability has been resolved: ice: move...
High | Unreviewed | CVE-2024-46766 was published Sep 18, 2024

In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix...
High | Unreviewed | CVE-2024-46759 was published Sep 18, 2024

A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1...
High | Unreviewed | CVE-2024-41228 was published Sep 23, 2024

Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2024-23934 was published Sep 23, 2024

In wlan firmware, there is a possible firmware assertion due to improper input handling. This...
High | Unreviewed | CVE-2023-32820 was published Oct 2, 2023

Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in...
High | Unreviewed | CVE-2022-35908 was published Sep 29, 2023

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
High | Unreviewed | CVE-2022-39422 was published Oct 19, 2022

eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via scan_folder.
High | Unreviewed | CVE-2024-46648 was published Sep 20, 2024

Securepoint UTM before 12.6.5 mishandles OTP codes.
High | Unreviewed | CVE-2024-39340 was published Jul 12, 2024

eNMS up to 4.7.1 is vulnerable to Directory Traversal via download/folder.
High | Unreviewed | CVE-2024-46649 was published Sep 20, 2024

eNMS 4.0.0 is vulnerable to Directory Traversal via get_tree_files.
High | Unreviewed | CVE-2024-46645 was published Sep 20, 2024

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a...
High | Unreviewed | CVE-2023-36628 was published Oct 3, 2023

Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP...
High | Unreviewed | CVE-2022-2277 was published Sep 15, 2022

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-7835 was published Sep 23, 2024

Improper Authentication, Missing Authentication for Critical Function, Improper Authorization...
High | Unreviewed | CVE-2024-7015 was published Sep 9, 2024

Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side...
High | Unreviewed | CVE-2024-43989 was published Sep 23, 2024

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of...
High | Unreviewed | CVE-2024-46725 was published Sep 18, 2024

ProTip! Advisories are also available from the GraphQL API.