Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,046 advisories

Loading
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to user group add due to a... Low Unreviewed
CVE-2024-8350 was published Sep 25, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in... Low Unreviewed
CVE-2023-5359 was published Sep 25, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-43845 was published Sep 25, 2024
Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect... Low Unreviewed
CVE-2024-45453 was published Sep 23, 2024
A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as... Low Unreviewed
CVE-2024-9075 was published Sep 22, 2024
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for... Low Unreviewed
CVE-2024-8612 was published Sep 20, 2024
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in... Low Unreviewed
CVE-2024-46794 was published Sep 18, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An... Low Unreviewed
CVE-2024-44180 was published Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An... Low Unreviewed
CVE-2024-44139 was published Sep 17, 2024
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS... Low Unreviewed
CVE-2024-40830 was published Sep 17, 2024
A privacy issue was addressed by moving sensitive data to a protected location. This issue is... Low Unreviewed
CVE-2024-40838 was published Sep 17, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-40791 was published Sep 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7... Low Unreviewed
CVE-2024-6685 was published Sep 17, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an... Low Unreviewed
CVE-2024-36261 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Low Unreviewed
CVE-2024-28170 was published Sep 16, 2024
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to... Low Unreviewed
CVE-2023-25546 was published Sep 16, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the... Low Unreviewed
CVE-2024-8869 was published Sep 16, 2024
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible Low Unreviewed
CVE-2024-46970 was published Sep 16, 2024
The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not... Low Unreviewed
CVE-2024-36066 was published Sep 12, 2024
An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2... Low Unreviewed
CVE-2024-6446 was published Sep 12, 2024
RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS... Low Unreviewed
CVE-2024-44575 was published Sep 11, 2024
Affected versions of Octopus Server had a weak content security policy. Low Unreviewed
CVE-2024-1656 was published Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web... Low Unreviewed
CVE-2024-36511 was published Sep 10, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted... Low Unreviewed
CVE-2024-8443 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Low Unreviewed
CVE-2024-37995 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database