Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,996 advisories

Loading
i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden... Low Unreviewed
CVE-2023-36325 was published Oct 9, 2024
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before... Low Unreviewed
CVE-2024-27457 was published Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings Low Unreviewed
CVE-2024-47950 was published Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings Low Unreviewed
CVE-2024-47951 was published Oct 8, 2024
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Low Unreviewed
CVE-2024-33506 was published Oct 8, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft... Low Unreviewed
CVE-2024-8518 was published Oct 8, 2024
Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to... Low Unreviewed
CVE-2024-34671 was published Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. Low Unreviewed
CVE-2024-43696 was published Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2024-43697 was published Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2024-45382 was published Oct 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-43687 was published Oct 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-43686 was published Oct 4, 2024
A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick... Low Unreviewed
CVE-2024-41511 was published Oct 4, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line... Low Unreviewed
CVE-2024-0125 was published Oct 3, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line... Low Unreviewed
CVE-2024-0124 was published Oct 3, 2024
NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line... Low Unreviewed
CVE-2024-0123 was published Oct 3, 2024
A remote code execution vulnerability in the project management of Wanxing Technology's Yitu... Low Unreviewed
CVE-2024-24122 was published Oct 2, 2024
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could... Low Unreviewed
CVE-2024-30132 was published Oct 1, 2024
This CVE has been rejected. Low Unreviewed
CVE-2024-8421 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface... Low Unreviewed
CVE-2024-28808 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed
CVE-2024-28811 was published Sep 30, 2024
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of... Low Unreviewed
CVE-2024-42496 was published Sep 30, 2024
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with... Low Unreviewed
CVE-2024-45744 was published Sep 27, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2... Low Unreviewed
CVE-2024-4099 was published Sep 27, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3... Low Unreviewed
CVE-2024-8974 was published Sep 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database