Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

74 advisories

Loading
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow... High Unreviewed
CVE-2024-47549 was published Oct 25, 2024
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. High Unreviewed
CVE-2024-9348 was published Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for... High Unreviewed
CVE-2024-45219 was published Oct 16, 2024
An unauthenticated local attacker can gain admin privileges by deploying a config file due to... High Unreviewed
CVE-2024-45271 was published Oct 15, 2024
Apache Airflow vulnerable to Improper Encoding or Escaping of Output High
CVE-2024-45498 was published for apache-airflow (pip) Sep 7, 2024
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible... High Unreviewed
CVE-2024-34739 was published Aug 16, 2024
Windows App Installer Spoofing Vulnerability High Unreviewed
CVE-2024-38177 was published Aug 13, 2024
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with... High Unreviewed
CVE-2024-38473 was published Jul 1, 2024
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via... High Unreviewed
CVE-2024-27629 was published Jun 29, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed
CVE-2024-4177 was published Jun 6, 2024
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a... High Unreviewed
CVE-2024-1064 was published Feb 3, 2024
Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a... High Unreviewed
CVE-2023-28738 was published Jan 19, 2024
Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52102 was published Jan 16, 2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this... High Unreviewed
CVE-2023-52098 was published Jan 16, 2024
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers... High Unreviewed
CVE-2023-45539 was published Nov 28, 2023
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device High
CVE-2023-43620 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can... High Unreviewed
CVE-2023-4571 was published Aug 30, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful... High Unreviewed
CVE-2023-39386 was published Aug 13, 2023
Vulnerability of input parameter verification in certain APIs in the window management module.... High Unreviewed
CVE-2023-39390 was published Aug 13, 2023
Input verification vulnerability in the audio module. Successful exploitation of this... High Unreviewed
CVE-2023-39382 was published Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this... High Unreviewed
CVE-2023-39381 was published Aug 13, 2023
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability... High Unreviewed
CVE-2022-36392 was published Aug 11, 2023
PrestaShop XSS injection through Validate::isCleanHTML method High
CVE-2023-39527 was published for prestashop/prestashop (Composer) Aug 9, 2023
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability... High Unreviewed
CVE-2023-3997 was published Jul 31, 2023
Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was... High Unreviewed
CVE-2022-43713 was published Jul 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database