GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,996
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,348
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
117,795 advisories
ansible-runner 2.0.0 vulnerable to Race Condition
Moderate | CVE-2021-3702 was published for ansible-runner (pip) | Aug 24, 2022
ansible-runner 2.0.0 default temporary files written to world R/W locations
Moderate | CVE-2021-3701 was published for ansible-runner (pip) | Aug 24, 2022
Searching Opencast may cause a denial of service
Moderate | CVE-2024-52797 was published for org.opencastproject:opencast-elasticsearch-impl (Maven) | Nov 20, 2024
Moodle IDOR when accessing list of course badges
Moderate | CVE-2024-48899 was published for moodle/moodle (Composer) | Nov 20, 2024
Moodle Lesson activity password bypass through PHP loose comparison
Moderate | CVE-2024-45691 was published for moodle/moodle (Composer) | Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Change to non...
Moderate | Unreviewed | CVE-2024-50065 was published | Oct 21, 2024
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing...
Moderate | Unreviewed | CVE-2018-9485 was published | Nov 20, 2024
In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a...
Moderate | Unreviewed | CVE-2018-9483 was published | Nov 20, 2024
In bta_hd_get_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to improper...
Moderate | Unreviewed | CVE-2018-9480 was published | Nov 20, 2024
In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn...
Moderate | Unreviewed | CVE-2018-9487 was published | Nov 20, 2024
In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing...
Moderate | Unreviewed | CVE-2018-9486 was published | Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix...
Moderate | Unreviewed | CVE-2024-50056 was published | Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix firmware...
Moderate | Unreviewed | CVE-2024-46827 was published | Sep 27, 2024
In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need...
Moderate | Unreviewed | CVE-2024-50060 was published | Oct 21, 2024
A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3...
Moderate | Unreviewed | CVE-2024-52762 was published | Nov 19, 2024
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2...
Moderate | Unreviewed | CVE-2024-2357 was published | Mar 11, 2024
The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2024-3644 was published | May 16, 2024
In intr_data_copy_cb of btif_hd.cc, there is a possible out of bounds read due to an integer...
Moderate | Unreviewed | CVE-2018-9482 was published | Nov 20, 2024
In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an...
Moderate | Unreviewed | CVE-2018-9481 was published | Nov 20, 2024
The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting...
Moderate | Unreviewed | CVE-2024-3048 was published | Apr 26, 2024
cert-manager has a potential slowdown / DoS when parsing specially crafted PEM inputs
Moderate | GHSA-r4pg-vg54-wxx4 was published for github.com/cert-manager/cert-manager (Go) | Nov 20, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers
Moderate | CVE-2024-52796 was published for pwpush (RubyGems) | Nov 20, 2024
django CMS Cross-Site Scripting (XSS)
Moderate | CVE-2024-11319 was published for django-cms (pip) | Nov 18, 2024
gnark's Groth16 commitment extension unsound for more than one commitment
Moderate | CVE-2024-45039 was published for github.com/consensys/gnark (Go) | Sep 6, 2024
In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure...
Moderate | Unreviewed | CVE-2018-9420 was published | Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API