GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
104,538 advisories
A security vulnerability has been identified in the cryptlib cryptographic library when cryptlib...
Moderate
Unreviewed
CVE-2024-0202
was published
Feb 5, 2024
A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System...
Moderate
Unreviewed
CVE-2023-6028
was published
Feb 5, 2024
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before...
Moderate
Unreviewed
CVE-2024-0953
was published
Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-24838
was published
Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-24841
was published
Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-24839
was published
Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-24865
was published
Feb 5, 2024
A race condition was found in the Linux kernel's bluetooth device driver in {min,max...
Moderate
Unreviewed
CVE-2024-24860
was published
Feb 5, 2024
A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min...
Moderate
Unreviewed
CVE-2024-24857
was published
Feb 5, 2024
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max...
Moderate
Unreviewed
CVE-2024-24858
was published
Feb 5, 2024
A race condition was found in the Linux kernel's drm/exynos device driver in...
Moderate
Unreviewed
CVE-2024-22386
was published
Feb 5, 2024
A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set()...
Moderate
Unreviewed
CVE-2024-24859
was published
Feb 5, 2024
A race condition was found in the Linux kernel's sound/hda device driver in snd_hdac_regmap_sync...
Moderate
Unreviewed
CVE-2024-23196
was published
Feb 5, 2024
A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan...
Moderate
Unreviewed
CVE-2024-24855
was published
Feb 5, 2024
A race condition was found in the Linux kernel's media/dvb-core in dvbdmx_write() function. This...
Moderate
Unreviewed
CVE-2024-24864
was published
Feb 5, 2024
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead...
Moderate
Unreviewed
CVE-2024-20012
was published
Feb 5, 2024
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could...
Moderate
Unreviewed
CVE-2024-20013
was published
Feb 5, 2024
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead...
Moderate
Unreviewed
CVE-2024-20010
was published
Feb 5, 2024
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2024-20002
was published
Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-24870
was published
Feb 5, 2024
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to...
Moderate
Unreviewed
CVE-2024-20006
was published
Feb 5, 2024
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to...
Moderate
Unreviewed
CVE-2024-20016
was published
Feb 5, 2024
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate
Unreviewed
CVE-2024-20001
was published
Feb 5, 2024
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay...
Moderate
Unreviewed
CVE-2023-5800
was published
Feb 5, 2024
Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a...
Moderate
Unreviewed
CVE-2023-5677
was published
Feb 5, 2024
ProTip! Advisories are also available from the GraphQL API