Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
In certain highly specific configurations of the host system and MongoDB server binary... Moderate Unreviewed
CVE-2024-8207 was published Aug 27, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been... Moderate Unreviewed
CVE-2024-7911 was published Aug 18, 2024
Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking Moderate
CVE-2024-7625 was published for github.com/hashicorp/nomad (Go) Aug 15, 2024
A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute... Moderate Unreviewed
CVE-2024-6079 was published Aug 13, 2024
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an... Moderate Unreviewed
CVE-2024-28962 was published Aug 6, 2024
snapd failed to properly check the destination of symbolic links when extracting a snap Moderate
CVE-2024-29069 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-38049 was published Jul 9, 2024
CometBFT is unstability during blocksync when syncing from malicious peer Moderate
GHSA-hg58-rf2h-6rr7 was published for github.com/cometbft/cometbft (Go) Jun 28, 2024
unknownfeature
Micronaut management endpoints vulnerable to drive-by localhost attack Moderate
CVE-2024-23639 was published for io.micronaut:micronaut-http-server (Maven) Feb 9, 2024
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by... Moderate Unreviewed
CVE-2024-0728 was published Jan 19, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49864 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49862 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49863 was published Jan 10, 2024
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been... Moderate Unreviewed
CVE-2023-6618 was published Dec 8, 2023
In visitUris of Notification.java, there is a possible way to display images from another user... Moderate Unreviewed
CVE-2023-35668 was published Dec 5, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user... Moderate Unreviewed
CVE-2023-34982 was published Nov 15, 2023
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused... Moderate Unreviewed
CVE-2023-40139 was published Oct 27, 2023
Local privilege escalation due to improper soft link handling. The following products are... Moderate Unreviewed
CVE-2023-44209 was published Oct 4, 2023
Local privilege escalation during recovery due to improper soft link handling. The following... Moderate Unreviewed
CVE-2022-46868 was published Aug 31, 2023
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall... Moderate Unreviewed
CVE-2023-35838 was published Aug 10, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... Moderate Unreviewed
CVE-2023-37856 was published Aug 9, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... Moderate Unreviewed
CVE-2023-37855 was published Aug 9, 2023
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated... Moderate Unreviewed
CVE-2023-38046 was published Jul 12, 2023
in-toto vulnerable to Configuration Read From Local Directory Moderate
CVE-2023-32076 was published for in-toto (pip) May 11, 2023
ProTip! Advisories are also available from the GraphQL API