GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,994 advisories
Filter by severity
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers...
Low
Unreviewed
CVE-2024-46939
was published
Nov 28, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to...
Low
Unreviewed
CVE-2024-36464
was published
Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory...
Low
Unreviewed
CVE-2024-42333
was published
Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft...
Low
Unreviewed
CVE-2024-42332
was published
Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from...
Low
Unreviewed
CVE-2024-42331
was published
Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid...
Low
Unreviewed
CVE-2024-36468
was published
Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the...
Low
Unreviewed
CVE-2024-42329
was published
Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is...
Low
Unreviewed
CVE-2024-42328
was published
Nov 27, 2024
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon...
Low
Unreviewed
CVE-2024-22117
was published
Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi...
Low
Unreviewed
CVE-2024-8160
was published
Nov 26, 2024
Improper handling of WiFi information by framework services can allow certain malicious...
Low
Unreviewed
CVE-2020-12492
was published
Nov 25, 2024
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings...
Low
Unreviewed
CVE-2024-10710
was published
Nov 25, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9251
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9256
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability...
Low
Unreviewed
CVE-2024-9252
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9253
was published
Nov 23, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9246
was published
Nov 23, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability....
Low
Unreviewed
CVE-2024-7511
was published
Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7391
was published
Nov 23, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9761
was published
Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9763
was published
Nov 22, 2024
Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9760
was published
Nov 22, 2024
Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9762
was published
Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9749
was published
Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9753
was published
Nov 22, 2024
ProTip!
Advisories are also available from the
GraphQL API