GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,832 advisories
Filter by severity
Improper access control in Intel(R) RAID Web Console software all versions may allow an...
Low
Unreviewed
CVE-2024-36261
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Low
Unreviewed
CVE-2024-28170
was published
Sep 16, 2024
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to...
Low
Unreviewed
CVE-2023-25546
was published
Sep 16, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the...
Low
Unreviewed
CVE-2024-8869
was published
Sep 16, 2024
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
Low
Unreviewed
CVE-2024-46970
was published
Sep 16, 2024
The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not...
Low
Unreviewed
CVE-2024-36066
was published
Sep 12, 2024
An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2...
Low
Unreviewed
CVE-2024-6446
was published
Sep 12, 2024
Affected versions of Octopus Server had a weak content security policy.
Low
Unreviewed
CVE-2024-1656
was published
Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web...
Low
Unreviewed
CVE-2024-36511
was published
Sep 10, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted...
Low
Unreviewed
CVE-2024-8443
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Low
Unreviewed
CVE-2024-37995
was published
Sep 10, 2024
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory...
Low
Unreviewed
CVE-2024-42425
was published
Sep 10, 2024
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options...
Low
Unreviewed
CVE-2024-8258
was published
Sep 10, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A...
Low
Unreviewed
CVE-2024-39582
was published
Sep 10, 2024
An authenticated attacker with high privilege can use functions of SLCM transactions to which...
Low
Unreviewed
CVE-2024-45284
was published
Sep 10, 2024
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform...
Low
Unreviewed
CVE-2024-41728
was published
Sep 10, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to...
Low
Unreviewed
CVE-2024-44114
was published
Sep 10, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing...
Low
Unreviewed
CVE-2024-8042
was published
Sep 9, 2024
A vulnerability has been identified in Node.js, affecting users of the experimental permission...
Low
Unreviewed
CVE-2024-36137
was published
Sep 7, 2024
An improper certificate validation vulnerability has been reported to affect QuMagie. If...
Low
Unreviewed
CVE-2024-38642
was published
Sep 6, 2024
An improper restriction of excessive authentication attempts vulnerability has been reported to...
Low
Unreviewed
CVE-2024-32771
was published
Sep 6, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,...
Low
Unreviewed
CVE-2024-27125
was published
Sep 6, 2024
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when...
Low
Unreviewed
CVE-2024-6792
was published
Sep 6, 2024
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been...
Low
Unreviewed
CVE-2024-8417
was published
Sep 4, 2024
Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1...
Low
Unreviewed
CVE-2024-34649
was published
Sep 4, 2024
ProTip!
Advisories are also available from the
GraphQL API