Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

92,864 advisories

Loading
A java deserialization vulnerability in HPE Remote Insight Support allows an unauthenticated... High Unreviewed
CVE-2024-53673 was published Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed
CVE-2024-53675 was published Nov 27, 2024
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow... High Unreviewed
CVE-2024-53674 was published Nov 27, 2024
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this... High Unreviewed
CVE-2024-11745 was published Nov 26, 2024
Microsoft Dynamics 365 Sales Spoofing Vulnerability High Unreviewed
CVE-2024-49053 was published Nov 26, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed
CVE-2024-49052 was published Nov 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5... High Unreviewed
CVE-2024-8114 was published Nov 26, 2024
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
The Contact Form 7 Email Add on plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-10898 was published Nov 26, 2024
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. High Unreviewed
CVE-2024-53335 was published Nov 26, 2024
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed
CVE-2024-52336 was published Nov 26, 2024
A CSV injection vulnerability in Taiga v6.8.1 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53555 was published Nov 26, 2024
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2024-9461 was published Nov 26, 2024
Malicious websites may have been able to user intent confirmation through tapjacking. This could... High Unreviewed
CVE-2024-11700 was published Nov 26, 2024
Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have... High Unreviewed
CVE-2024-11702 was published Nov 26, 2024
When handling keypress events, an attacker may have been able to trick a user into bypassing the ... High Unreviewed
CVE-2024-11697 was published Nov 26, 2024
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed
CVE-2024-11699 was published Nov 26, 2024
QSEE will randomly experience a fatal error during execution due to speculative instruction... High Unreviewed
CVE-2016-10408 was published Nov 26, 2024
Crafted Binder Request Causes Heap UAF in MediaServer High Unreviewed
CVE-2018-11816 was published Nov 26, 2024
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
Information disclosure possible while audio playback. High Unreviewed
CVE-2017-18307 was published Nov 26, 2024
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while... High Unreviewed
CVE-2018-5852 was published Nov 26, 2024
An attacker could have caused memory corruption due to a flaw in Apple's GPU driver; this can be... High Unreviewed
CVE-2024-11691 was published Nov 26, 2024
VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor... High Unreviewed
CVE-2024-38831 was published Nov 26, 2024
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor... High Unreviewed
CVE-2024-38832 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database