Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11,169 advisories

Loading
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers... Low Unreviewed
CVE-2024-46939 was published Nov 28, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft... Low Unreviewed
CVE-2024-42332 was published Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from... Low Unreviewed
CVE-2024-42331 was published Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory... Low Unreviewed
CVE-2024-42333 was published Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid... Low Unreviewed
CVE-2024-36468 was published Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the... Low Unreviewed
CVE-2024-42329 was published Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is... Low Unreviewed
CVE-2024-42328 was published Nov 27, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API Low
CVE-2024-52008 was published for ethyca-fides (pip) Nov 26, 2024
h0wl andres-torres-marroquin
daveqnet erosselli
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi... Low Unreviewed
CVE-2024-8160 was published Nov 26, 2024
deno_doc's HTML generator vulnerable to Cross-site Scripting Low
CVE-2024-32468 was published for deno_doc (Rust) Nov 25, 2024
NeKzor
@sveltejs/kit vulnerable to on dev mode 404 page Low
CVE-2024-53261 was published for @sveltejs/kit (npm) Nov 25, 2024
benmccann eltigerchino
@sveltejs/kit has unescaped error message included on error page Low
CVE-2024-53262 was published for @sveltejs/kit (npm) Nov 25, 2024
dominikg eltigerchino
benmccann
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
Duplicate Advisory: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path Low
GHSA-6vrw-mpj8-3j59 was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 25, 2024 withdrawn
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-10710 was published Nov 25, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability.... Low Unreviewed
CVE-2024-7511 was published Nov 23, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9251 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9256 was published Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2024-9252 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9253 was published Nov 23, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9246 was published Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-7391 was published Nov 23, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9761 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database