GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (all reviewed: 5,000+)
Composer: 4,237; Erlang: 31; GitHub Actions: 20; Go: 1,996; Maven: 5,000+; npm: 3,709; NuGet: 661; pip: 3,349; Pub: 11; RubyGems: 885; Rust: 846; Swift: 36
Unreviewed advisories (all unreviewed: 5,000+)
255,730 advisories

Openshift Console insufficient entropy vulnerability
  Moderate. CVE-2024-6508 was published for github.com/openshift/console (Go), Aug 21, 2024.

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0,...
  Moderate, Unreviewed. CVE-2024-31404 was published Jun 11, 2024.

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits...
  Moderate, Unreviewed. CVE-2024-28834 was published Mar 21, 2024.

Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass.
  Moderate, Unreviewed. CVE-2024-39337 was published Jun 24, 2024.

Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise...
  High, Unreviewed. CVE-2024-30156 was published Mar 24, 2024.

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while...
  Moderate, Unreviewed. CVE-2024-33858 was published May 7, 2024.

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS)...
  High, Unreviewed. CVE-2024-7409 was published Aug 5, 2024.

Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can...
  Moderate, Unreviewed. CVE-2024-33850 was published Jun 10, 2024.

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL...
  Moderate, Unreviewed. CVE-2024-50281 was published Nov 19, 2024.

A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the...
  Moderate, Unreviewed. CVE-2024-37820 was published Jun 25, 2024.

An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV...
  Moderate, Unreviewed. CVE-2024-37654 was published Jun 22, 2024.

In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate...
  Moderate, Unreviewed. CVE-2024-50299 was published Nov 19, 2024.

Vulnerability of input data not being verified in the cellular data module. Successful...
  High, Unreviewed. CVE-2023-52377 was published Feb 18, 2024.

An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard...
  Unknown, Unreviewed. CVE-2024-51367 was published Nov 21, 2024.

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after...
  Unknown, Unreviewed. CVE-2024-53095 was published Nov 21, 2024.

Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable...
  Moderate, Unreviewed. CVE-2024-49588 was published Nov 21, 2024.

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpage_ok()...
  Unknown, Unreviewed. CVE-2024-53094 was published Nov 21, 2024.

An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows...
  Unknown, Unreviewed. CVE-2024-51366 was published Nov 21, 2024.

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer...
  Unknown, Unreviewed. CVE-2024-53093 was published Nov 21, 2024.

An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute...
  Unknown, Unreviewed. CVE-2024-51364 was published Nov 21, 2024.

The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'load_orders...
  Moderate, Unreviewed. CVE-2024-9828 was published Nov 21, 2024.

TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi.
  High, Unreviewed. CVE-2024-53334 was published Nov 21, 2024.

An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows...
  Unknown, Unreviewed. CVE-2024-51365 was published Nov 21, 2024.

In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and...
  Unknown, Unreviewed. CVE-2024-53091 was published Nov 21, 2024.

Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.
  High, Unreviewed. CVE-2024-48286 was published Nov 21, 2024.

ProTip! Advisories are also available from the GraphQL API.