GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,680 advisories
Filter by severity
Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a...
Moderate
Unreviewed
CVE-2013-5919
was published
May 14, 2022
A vulnerability can occur when capturing a media stream when the media source type is changed as...
Critical
Unreviewed
CVE-2018-5156
was published
May 14, 2022
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and...
High
Unreviewed
CVE-2016-5272
was published
May 14, 2022
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on...
High
Unreviewed
CVE-2016-5284
was published
May 14, 2022
Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a...
High
Unreviewed
CVE-2023-28738
was published
Jan 19, 2024
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to...
Moderate
Unreviewed
CVE-2019-9812
was published
May 24, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could...
Moderate
Unreviewed
CVE-2023-47746
was published
Jan 22, 2024
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server...
High
Unreviewed
CVE-2010-1896
was published
May 14, 2022
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,...
High
Unreviewed
CVE-2011-0657
was published
May 13, 2022
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003...
High
Unreviewed
CVE-2012-0157
was published
May 4, 2022
mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input...
High
Unreviewed
CVE-2024-3152
was published
Jun 6, 2024
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege...
Critical
Unreviewed
CVE-2023-28805
was published
Oct 23, 2023
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High
Unreviewed
CVE-2022-36392
was published
Aug 11, 2023
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
High
Unreviewed
CVE-2024-6333
was published
Oct 17, 2024
A URL parameter during login flow was vulnerable to injection. An attacker could insert a...
Moderate
Unreviewed
CVE-2023-28799
was published
Jun 22, 2023
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High
Unreviewed
CVE-2024-9348
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is ...
Moderate
Unreviewed
CVE-2024-29155
was published
Oct 16, 2024
An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High
Unreviewed
CVE-2024-45271
was published
Oct 15, 2024
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory...
High
Unreviewed
CVE-2024-6207
was published
Oct 14, 2024
TAIWAN-CA(TWCA) JCICSecurityTool's Registry-related functions have insufficient filtering for...
Moderate
Unreviewed
CVE-2023-48387
was published
Dec 15, 2023
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for...
Critical
Unreviewed
CVE-2023-41355
was published
Nov 3, 2023
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to...
High
Unreviewed
CVE-2023-30691
was published
Aug 10, 2023
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS...
High
Unreviewed
CVE-2024-8755
was published
Oct 11, 2024
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &...
Moderate
Unreviewed
CVE-2024-9507
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API