GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,910

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

144 advisories

Filter by severity

Sort by

Least recently updated

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow... High Unreviewed

CVE-2024-47549 was published Oct 25, 2024

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33... Moderate Unreviewed

CVE-2024-40088 was published Oct 21, 2024

Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. High Unreviewed

CVE-2024-9348 was published Oct 16, 2024

Account users in Apache CloudStack by default are allowed to upload and register templates for... High Unreviewed

CVE-2024-45219 was published Oct 16, 2024

An unauthenticated local attacker can gain admin privileges by deploying a config file due to... High Unreviewed

CVE-2024-45271 was published Oct 15, 2024

An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x... Moderate Unreviewed

CVE-2023-45359 was published Oct 9, 2024

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS... Moderate Unreviewed

CVE-2024-47845 was published Oct 5, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2... Low Unreviewed

CVE-2024-4099 was published Sep 27, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),... Critical Unreviewed

CVE-2024-7873 was published Sep 17, 2024

A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been... Moderate Unreviewed

CVE-2024-8297 was published Aug 29, 2024

In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible... High Unreviewed

CVE-2024-34739 was published Aug 16, 2024

Windows App Installer Spoofing Vulnerability High Unreviewed

CVE-2024-38177 was published Aug 13, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6... Moderate Unreviewed

CVE-2024-6329 was published Aug 8, 2024

IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper... Moderate Unreviewed

CVE-2023-26289 was published Jul 30, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header... Moderate Unreviewed

CVE-2024-39736 was published Jul 15, 2024

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an... Critical Unreviewed

CVE-2024-38475 was published Jul 1, 2024

Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with... High Unreviewed

CVE-2024-38473 was published Jul 1, 2024

Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows... Critical Unreviewed

CVE-2024-38474 was published Jul 1, 2024

An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via... High Unreviewed

CVE-2024-27629 was published Jun 29, 2024

A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed

CVE-2024-4177 was published Jun 6, 2024

There exists a Denial of service vulnerability in Tink-cc in versions prior to 2.1.3. * An... Unknown Unreviewed

CVE-2024-4420 was published May 21, 2024

A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a... High Unreviewed

CVE-2024-1064 was published Feb 3, 2024

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to... Critical Unreviewed

CVE-2023-47143 was published Feb 2, 2024

A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1... Moderate Unreviewed

CVE-2024-0987 was published Jan 29, 2024

Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed... Low Unreviewed

CVE-2024-22229 was published Jan 24, 2024

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

144 advisories