Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

90,998 advisories

Loading
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition... High Unreviewed
CVE-2024-9466 was published Oct 9, 2024
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of... High Unreviewed
CVE-2024-45766 was published Oct 17, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9861 was published Oct 17, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors... High Unreviewed
CVE-2024-9215 was published Oct 17, 2024
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks... High Unreviewed
CVE-2024-39516 was published Oct 9, 2024
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based... High Unreviewed
CVE-2024-7994 was published Oct 17, 2024
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds... High Unreviewed
CVE-2024-7993 was published Oct 17, 2024
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter,... High Unreviewed
CVE-2024-9983 was published Oct 15, 2024
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change... High Unreviewed
CVE-2024-44734 was published Oct 11, 2024
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of... High Unreviewed
CVE-2024-33049 was published Oct 7, 2024
SQL injection vulnerability in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions... High Unreviewed
CVE-2024-35584 was published Oct 15, 2024
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing... High Unreviewed
CVE-2024-41311 was published Oct 15, 2024
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote... High Unreviewed
CVE-2024-9955 was published Oct 15, 2024
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723... High Unreviewed
CVE-2024-9956 was published Oct 15, 2024
Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who... High Unreviewed
CVE-2024-9959 was published Oct 15, 2024
Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote... High Unreviewed
CVE-2024-9961 was published Oct 15, 2024
Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to... High Unreviewed
CVE-2024-9960 was published Oct 15, 2024
SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction... High Unreviewed
CVE-2024-25407 was published Feb 13, 2024
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a... High Unreviewed
CVE-2024-21455 was published Oct 7, 2024
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who... High Unreviewed
CVE-2024-9957 was published Oct 15, 2024
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing,... High Unreviewed
CVE-2024-49193 was published Oct 12, 2024
An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request. High Unreviewed
CVE-2024-44775 was published Oct 15, 2024
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. High Unreviewed
CVE-2024-33071 was published Oct 7, 2024
Transient DOS while parsing ESP IE from beacon/probe response frame. High Unreviewed
CVE-2024-33070 was published Oct 7, 2024
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226... High Unreviewed
CVE-2024-44729 was published Oct 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database