GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
408 advisories
Filter by severity
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This...
Moderate
Unreviewed
CVE-2024-11159
was published
Nov 13, 2024
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not...
Moderate
Unreviewed
CVE-2020-10369
was published
Nov 11, 2024
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not...
Moderate
Unreviewed
CVE-2020-10367
was published
Nov 11, 2024
An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through...
Moderate
Unreviewed
CVE-2023-37305
was published
Jun 30, 2023
In the LG LAF component, there is a special command that allowed modification of certain...
High
Unreviewed
CVE-2018-9364
was published
Nov 19, 2024
A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2020-26062
was published
Nov 18, 2024
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected...
Moderate
Unreviewed
CVE-2024-6129
was published
Jun 18, 2024
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-6056
was published
Jun 17, 2024
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to...
Moderate
Unreviewed
CVE-2024-41741
was published
Nov 1, 2024
Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may...
High
Unreviewed
CVE-2024-28885
was published
Nov 13, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack...
High
Unreviewed
CVE-2024-7010
was published
Oct 29, 2024
A potential security vulnerability has been reported in the system BIOS of certain HP PC products...
High
Unreviewed
CVE-2023-5410
was published
Mar 12, 2024
In the Linux kernel, the following vulnerability has been resolved:
x86: fix user address...
Moderate
Unreviewed
CVE-2024-50102
was published
Nov 5, 2024
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a...
Moderate
Unreviewed
CVE-2023-6935
was published
Feb 10, 2024
i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden...
Low
Unreviewed
CVE-2023-36325
was published
Oct 9, 2024
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-40490
was published
Nov 1, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically...
High
Unreviewed
CVE-2024-5124
was published
Jun 6, 2024
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem...
High
Unreviewed
CVE-2023-34669
was published
Jul 17, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21208
was published
Oct 15, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported...
Moderate
Unreviewed
CVE-2024-21233
was published
Oct 15, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21251
was published
Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are...
Low
Unreviewed
CVE-2024-21210
was published
Oct 15, 2024
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business...
Moderate
Unreviewed
CVE-2024-21206
was published
Oct 15, 2024
By checking the result of calls to `window.open` with specifically set protocol handlers, an...
Moderate
Unreviewed
CVE-2024-9398
was published
Oct 1, 2024
This issue occurs during password recovery, where a difference in messages could allow an...
Moderate
Unreviewed
CVE-2024-2464
was published
Mar 21, 2024
ProTip!
Advisories are also available from the
GraphQL API