GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90,998 advisories
Filter by severity
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition...
High
Unreviewed
CVE-2024-9466
was published
Oct 9, 2024
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of...
High
Unreviewed
CVE-2024-45766
was published
Oct 17, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9861
was published
Oct 17, 2024
The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors...
High
Unreviewed
CVE-2024-9215
was published
Oct 17, 2024
An Out-of-Bounds Read vulnerability in
the routing protocol daemon (rpd) of
Juniper Networks...
High
Unreviewed
CVE-2024-39516
was published
Oct 9, 2024
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based...
High
Unreviewed
CVE-2024-7994
was published
Oct 17, 2024
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds...
High
Unreviewed
CVE-2024-7993
was published
Oct 17, 2024
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter,...
High
Unreviewed
CVE-2024-9983
was published
Oct 15, 2024
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change...
High
Unreviewed
CVE-2024-44734
was published
Oct 11, 2024
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of...
High
Unreviewed
CVE-2024-33049
was published
Oct 7, 2024
SQL injection vulnerability in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions...
High
Unreviewed
CVE-2024-35584
was published
Oct 15, 2024
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing...
High
Unreviewed
CVE-2024-41311
was published
Oct 15, 2024
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote...
High
Unreviewed
CVE-2024-9955
was published
Oct 15, 2024
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723...
High
Unreviewed
CVE-2024-9956
was published
Oct 15, 2024
Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who...
High
Unreviewed
CVE-2024-9959
was published
Oct 15, 2024
Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote...
High
Unreviewed
CVE-2024-9961
was published
Oct 15, 2024
Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to...
High
Unreviewed
CVE-2024-9960
was published
Oct 15, 2024
SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction...
High
Unreviewed
CVE-2024-25407
was published
Feb 13, 2024
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a...
High
Unreviewed
CVE-2024-21455
was published
Oct 7, 2024
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who...
High
Unreviewed
CVE-2024-9957
was published
Oct 15, 2024
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing,...
High
Unreviewed
CVE-2024-49193
was published
Oct 12, 2024
An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request.
High
Unreviewed
CVE-2024-44775
was published
Oct 15, 2024
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.
High
Unreviewed
CVE-2024-33071
was published
Oct 7, 2024
Transient DOS while parsing ESP IE from beacon/probe response frame.
High
Unreviewed
CVE-2024-33070
was published
Oct 7, 2024
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226...
High
Unreviewed
CVE-2024-44729
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API