GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,373
Erlang: 33
GitHub Actions: 22
Go: 2,135
Maven: 5,000+
npm: 3,797
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 896
Rust: 897
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
103,834 advisories
Tina search token leak via lock file in TinaCMS
High | CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to cover read...
High | Unreviewed | CVE-2024-44941 was published Aug 26, 2024

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an...
High | Unreviewed | CVE-2024-36446 was published Aug 13, 2024

A bug in the 9p authentication implementation within lib9p allows an attacker with an existing...
High | Unreviewed | CVE-2024-8158 was published Aug 26, 2024

free5GC AMF denial of service vulnerability
High | CVE-2023-49391 was published for github.com/free5gc/amf (Go) Dec 22, 2023

A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an...
High | Unreviewed | CVE-2024-20430 was published Sep 12, 2024

Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e...
High | Unreviewed | CVE-2024-41143 was published Jul 29, 2024

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a...
High | Unreviewed | CVE-2023-52325 was published Jan 23, 2024

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends...
High | Unreviewed | CVE-2024-23744 was published Jan 22, 2024

The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before...
High | Unreviewed | CVE-2023-46315 was published Oct 23, 2023

A privilege escalation vulnerability exists within the Qumu Multicast Extension v2 before 2.0.63...
High | Unreviewed | CVE-2023-45883 was published Oct 19, 2023

Apprise vulnerable to regex injection with IFTTT Plugin
High | CVE-2021-39229 was published for apprise (pip) Sep 20, 2021

Apache Airflow vulnerable to CSRF Attacks
High | CVE-2019-0229 was published for apache-airflow (pip) Apr 18, 2019

Apache IoTDB subject to ReDOS with Java 8
High | CVE-2022-43766 was published for apache-iotdb (Maven) Oct 26, 2022

Cleanlab Deserialization of Untrusted Data vulnerability
High | CVE-2024-45857 was published for cleanlab (pip) Sep 12, 2024

Pleaser privilege escalation vulnerability
High | CVE-2023-46277 was published for pleaser (Rust) Oct 20, 2023

SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2024-42760 was published Sep 11, 2024

An attacker could have caused a use-after-free in the JavaScript engine to read memory in the...
High | Unreviewed | CVE-2024-5694 was published Jun 11, 2024

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a...
High | Unreviewed | CVE-2024-45624 was published Sep 12, 2024

An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain...
High | Unreviewed | CVE-2023-38845 was published Oct 26, 2023

HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP...
High | Unreviewed | CVE-2023-5671 was published Oct 25, 2023

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information...
High | Unreviewed | CVE-2024-4081 was published Jul 23, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17...
High | Unreviewed | CVE-2024-8640 was published Sep 12, 2024

A server-side request forgery issue has been discovered in GitLab EE affecting all versions...
High | Unreviewed | CVE-2024-8635 was published Sep 12, 2024

ProTip! Advisories are also available from the GraphQL API