GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
57 advisories
Filter by severity
A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3...
High
Unreviewed
CVE-2024-46547
was published
Dec 9, 2024
In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper...
High
Unreviewed
CVE-2018-9433
was published
Nov 20, 2024
Gradio before 4.20 allows credential leakage on Windows.
High
Unreviewed
CVE-2024-34510
was published
May 5, 2024
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow...
High
Unreviewed
CVE-2024-47549
was published
Oct 25, 2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this...
High
Unreviewed
CVE-2023-52098
was published
Jan 16, 2024
Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this...
High
Unreviewed
CVE-2023-52102
was published
Jan 16, 2024
Interactive Forms (IAF) in GX Software XperienCentral versions 10.33.1 until 10.35.0 was...
High
Unreviewed
CVE-2022-43713
was published
Jul 26, 2023
Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a...
High
Unreviewed
CVE-2023-28738
was published
Jan 19, 2024
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High
Unreviewed
CVE-2022-36392
was published
Aug 11, 2023
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High
Unreviewed
CVE-2024-9348
was published
Oct 16, 2024
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers...
High
Unreviewed
CVE-2023-45539
was published
Nov 28, 2023
An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High
Unreviewed
CVE-2024-45271
was published
Oct 15, 2024
Input verification vulnerability in the audio module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39382
was published
Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39381
was published
Aug 13, 2023
Vulnerability of input parameter verification in certain APIs in the window management module....
High
Unreviewed
CVE-2023-39390
was published
Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High
Unreviewed
CVE-2023-39386
was published
Aug 13, 2023
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible...
High
Unreviewed
CVE-2024-34739
was published
Aug 16, 2024
Windows App Installer Spoofing Vulnerability
High
Unreviewed
CVE-2024-38177
was published
Aug 13, 2024
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with...
High
Unreviewed
CVE-2024-38473
was published
Jul 1, 2024
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via...
High
Unreviewed
CVE-2024-27629
was published
Jun 29, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server...
High
Unreviewed
CVE-2024-4177
was published
Jun 6, 2024
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with...
High
Unreviewed
CVE-2023-36921
was published
Jul 11, 2023
Controller DoS due to stack overflow when decoding a message from the server
High
Unreviewed
CVE-2023-24480
was published
Jul 13, 2023
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)...
High
Unreviewed
CVE-2019-12675
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API