GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,377

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,049 advisories

Filter by severity

Sort by

Least recently updated

In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings Low Unreviewed

CVE-2024-47950 was published Oct 8, 2024

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Low Unreviewed

CVE-2024-33506 was published Oct 8, 2024

CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft... Low Unreviewed

CVE-2024-8518 was published Oct 8, 2024

Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to... Low Unreviewed

CVE-2024-34671 was published Oct 8, 2024

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed

CVE-2024-45382 was published Oct 8, 2024

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. Low Unreviewed

CVE-2024-43696 was published Oct 8, 2024

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed

CVE-2024-43697 was published Oct 8, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed

CVE-2024-43686 was published Oct 4, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed

CVE-2024-43687 was published Oct 4, 2024

A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick... Low Unreviewed

CVE-2024-41511 was published Oct 4, 2024

NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line... Low Unreviewed

CVE-2024-0123 was published Oct 3, 2024

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line... Low Unreviewed

CVE-2024-0125 was published Oct 3, 2024

NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line... Low Unreviewed

CVE-2024-0124 was published Oct 3, 2024

A remote code execution vulnerability in the project management of Wanxing Technology's Yitu... Low Unreviewed

CVE-2024-24122 was published Oct 2, 2024

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could... Low Unreviewed

CVE-2024-30132 was published Oct 1, 2024

This CVE has been rejected. Low Unreviewed

CVE-2024-8421 was published Oct 1, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface... Low Unreviewed

CVE-2024-28808 was published Sep 30, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed

CVE-2024-28811 was published Sep 30, 2024

Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of... Low Unreviewed

CVE-2024-42496 was published Sep 30, 2024

TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with... Low Unreviewed

CVE-2024-45744 was published Sep 27, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2... Low Unreviewed

CVE-2024-4099 was published Sep 27, 2024

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3... Low Unreviewed

CVE-2024-8974 was published Sep 27, 2024

The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed

CVE-2024-47124 was published Sep 26, 2024

The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users. These callsigns reveal... Low Unreviewed

CVE-2024-45838 was published Sep 26, 2024

A vulnerability, which was classified as problematic, has been found in Enpass Password Manager... Low Unreviewed

CVE-2024-9203 was published Sep 26, 2024

Previous 1 2 … 8 9 10 11 12 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,049 advisories