Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,349
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

99,857 advisories

Loading
OpenStack Identity service (keystone) Incorrect Authorization High
CVE-2017-2673 was published for keystone (pip) May 13, 2022
Hard coded credentials in FreeTAKServer High
CVE-2022-25510 was published for FreeTAKServer (pip) Mar 12, 2022
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization... High Unreviewed
CVE-2024-50264 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF... High Unreviewed
CVE-2023-52921 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size... High Unreviewed
CVE-2024-50282 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after... High Unreviewed
CVE-2024-50286 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after... High Unreviewed
CVE-2024-50283 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: net: vertexcom: mse102x: Fix... High Unreviewed
CVE-2024-50276 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: USB: serial: io_edgeport:... High Unreviewed
CVE-2024-50267 was published Nov 19, 2024
Ansible vulnerable to Insertion of Sensitive Information into Log File High
CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024
In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out... High Unreviewed
CVE-2024-50301 was published Nov 19, 2024
Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise... High Unreviewed
CVE-2024-30156 was published Mar 24, 2024
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS)... High Unreviewed
CVE-2024-7409 was published Aug 5, 2024
Vulnerability of input data not being verified in the cellular data module.Successful... High Unreviewed
CVE-2023-52377 was published Feb 18, 2024
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi. High Unreviewed
CVE-2024-53334 was published Nov 21, 2024
Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function. High Unreviewed
CVE-2024-48286 was published Nov 21, 2024
A flaw was found in the X.org server. Due to improperly tracked allocation size in... High Unreviewed
CVE-2024-9632 was published Oct 30, 2024
lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain... High Unreviewed
CVE-2024-50654 was published Nov 15, 2024
Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability High
CVE-2024-9355 was published for github.com/golang-fips/openssl (Go) Oct 1, 2024
qmuntal
danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of... High Unreviewed
CVE-2024-29154 was published Mar 18, 2024
Apache DolphinScheduler sensitive information disclosure High
CVE-2023-48796 was published for apache-dolphinscheduler (Maven) Nov 24, 2023
Apache IoTDB Session Fixation vulnerability High
CVE-2022-38369 was published for apache-iotdb (Maven) Sep 6, 2022
Apache IoTDB grafana-connector contains an interface without authorization High
CVE-2022-38370 was published for org.apache.iotdb:iotdb-grafana-connector (Maven) Sep 6, 2022
Buffer overflow in wasm3 High
CVE-2022-28990 was published for pywasm3 (pip) May 21, 2022
Litestar allows unbounded resource consumption (DoS vulnerability) High
CVE-2024-52581 was published for litestar (pip) Nov 20, 2024
defnull
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database