GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,110
Erlang
29
GitHub Actions
19
Go
1,932
Maven
5,000+
npm
3,666
NuGet
642
pip
3,285
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,631 advisories
Filter by severity
Improper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-24463
was published
Oct 10, 2024
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an...
High
Unreviewed
CVE-2024-45117
was published
Oct 10, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper...
High
Unreviewed
CVE-2024-9286
was published
Oct 9, 2024
Livewire Remote Code Execution on File Uploads
High
CVE-2024-47823
was published
for
livewire/livewire
(Composer)
Oct 8, 2024
Windows Hyper-V Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-20659
was published
Oct 8, 2024
Windows Hyper-V Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30092
was published
Oct 8, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft...
Low
Unreviewed
CVE-2024-8518
was published
Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
Low
Unreviewed
CVE-2024-43697
was published
Oct 8, 2024
Memory corruption while taking snapshot when an offset variable is set by camera driver.
High
Unreviewed
CVE-2024-33065
was published
Oct 7, 2024
Memory corruption while redirecting log file to any file location with any file name.
Critical
Unreviewed
CVE-2024-33066
was published
Oct 7, 2024
In Modem, there is a possible system crash due to a missing bounds check. This could lead to...
High
Unreviewed
CVE-2024-20094
was published
Oct 7, 2024
An attacker can publish a zone containing specific Resource Record Sets.
Repeatedly processing...
High
Unreviewed
CVE-2024-25590
was published
Oct 3, 2024
Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of...
Moderate
Unreviewed
CVE-2024-45871
was published
Oct 3, 2024
Improper Input Validation in Buildah and Podman
Moderate
CVE-2024-9407
was published
for
github.com/containers/buildah
(Go)
Oct 1, 2024
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could...
High
Unreviewed
CVE-2024-6436
was published
Sep 27, 2024
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software...
High
Unreviewed
CVE-2024-20464
was published
Sep 25, 2024
Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote...
High
Unreviewed
CVE-2024-7023
was published
Sep 24, 2024
A flaw was found in Envoy. It is possible to modify or manipulate headers from external clients...
High
Unreviewed
CVE-2024-7207
was published
Sep 20, 2024
protobuf-java has potential Denial of Service issue
High
CVE-2024-7254
was published
for
com.google.protobuf:protobuf-java
(RubyGems)
Sep 19, 2024
In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right...
High
Unreviewed
CVE-2024-37406
was published
Sep 19, 2024
Mesop has a local file Inclusion via static file serving functionality
High
CVE-2024-45601
was published
for
mesop
(pip)
Sep 18, 2024
Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify...
Critical
Unreviewed
CVE-2024-8889
was published
Sep 18, 2024
Apache Druid: Users can provide MySQL JDBC properties not on allow list
Low
CVE-2024-45537
was published
for
org.apache.druid:druid
(Maven)
Sep 17, 2024
Contao affected by insert tag injection via canonical URL
Moderate
CVE-2024-45612
was published
for
contao/core-bundle
(Composer)
Sep 17, 2024
Improper input validation in some Intel(R) RAID Web Console software all versions may allow an...
Moderate
Unreviewed
CVE-2024-34545
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API