Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,246
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
@backstage/plugin-techdocs-backend vulnerable to circumvention of cross site scripting protection Moderate
CVE-2024-46976 was published for @backstage/plugin-techdocs-backend (npm) Sep 17, 2024
Mattermost Desktop App fails to sufficiently configure Electron Fuses Low
CVE-2024-45835 was published for mattermost-desktop (npm) Sep 16, 2024
Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing... Moderate Unreviewed
CVE-2024-45833 was published Sep 16, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-43487 was published Sep 10, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-38217 was published Sep 10, 2024
Microsoft Publisher Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38226 was published Sep 10, 2024
Twig has a possible sandbox bypass High
CVE-2024-45411 was published for twig/twig (Composer) Sep 9, 2024
fabpot stof
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up... Moderate Unreviewed
CVE-2022-4100 was published Aug 31, 2024
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated,... Moderate Unreviewed
CVE-2024-20284 was published Aug 28, 2024
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated,... Moderate Unreviewed
CVE-2024-20286 was published Aug 28, 2024
Mattermost allows remote/synthetic users to create sessions, reset passwords Moderate
CVE-2024-39836 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may... Moderate Unreviewed
CVE-2024-24980 was published Aug 14, 2024
Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and... High Unreviewed
CVE-2024-24983 was published Aug 14, 2024
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network... High Unreviewed
CVE-2024-23499 was published Aug 14, 2024
Windows SmartScreen Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38180 was published Aug 13, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-38213 was published Aug 13, 2024
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter,... High Unreviewed
CVE-2024-0101 was published Aug 8, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2023-42918 was published Jul 29, 2024
Rapid7 InsightVM Console versions below 6.6.260 suffer from a protection mechanism failure... Moderate Unreviewed
CVE-2024-6504 was published Jul 18, 2024
Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed.... Moderate Unreviewed
CVE-2024-6741 was published Jul 15, 2024
Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-38070 was published Jul 9, 2024
Azure CycleCloud Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38092 was published Jul 9, 2024
BitLocker Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-38058 was published Jul 9, 2024
Due to a Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP... Moderate Unreviewed
CVE-2024-39599 was published Jul 9, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote... High Unreviewed
CVE-2024-27713 was published Jul 5, 2024
ProTip! Advisories are also available from the GraphQL API