GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,502

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

404 advisories

Filter by severity

Sort by

Least recently updated

In the LG LAF component, there is a special command that allowed modification of certain... High Unreviewed

CVE-2018-9364 was published Nov 19, 2024

A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated,... Moderate Unreviewed

CVE-2020-26062 was published Nov 18, 2024

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected... Moderate Unreviewed

CVE-2024-6129 was published Jun 18, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Moderate Unreviewed

CVE-2024-6056 was published Jun 17, 2024

IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed

CVE-2024-41741 was published Nov 1, 2024

Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may... High Unreviewed

CVE-2024-28885 was published Nov 13, 2024

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed

CVE-2024-7010 was published Oct 29, 2024

A potential security vulnerability has been reported in the system BIOS of certain HP PC products... High Unreviewed

CVE-2023-5410 was published Mar 12, 2024

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address... Moderate Unreviewed

CVE-2024-50102 was published Nov 5, 2024

wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a... Moderate Unreviewed

CVE-2023-6935 was published Feb 10, 2024

i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden... Low Unreviewed

CVE-2023-36325 was published Oct 9, 2024

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information... High Unreviewed

CVE-2024-40490 was published Nov 1, 2024

A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed

CVE-2024-5124 was published Jun 6, 2024

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem... High Unreviewed

CVE-2023-34669 was published Jul 17, 2023

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Moderate Unreviewed

CVE-2024-21233 was published Oct 15, 2024

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are... Low Unreviewed

CVE-2024-21251 was published Oct 15, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed

CVE-2024-21208 was published Oct 15, 2024

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business... Moderate Unreviewed

CVE-2024-21206 was published Oct 15, 2024

Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are... Low Unreviewed

CVE-2024-21210 was published Oct 15, 2024

By checking the result of calls to `window.open` with specifically set protocol handlers, an... Moderate Unreviewed

CVE-2024-9398 was published Oct 1, 2024

This issue occurs during password recovery, where a difference in messages could allow an... Moderate Unreviewed

CVE-2024-2464 was published Mar 21, 2024

In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly... Moderate Unreviewed

CVE-2024-30176 was published May 1, 2024

Video frames could have been leaked between origins in some situations. This vulnerability... High Unreviewed

CVE-2024-10463 was published Oct 29, 2024

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote... Moderate Unreviewed

CVE-2022-4025 was published Jan 3, 2023

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is... Moderate Unreviewed

CVE-2024-27839 was published May 14, 2024

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

404 advisories