GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,989
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,743
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,459

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,068 advisories

Filter by severity

Sort by

Least recently updated

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent... Low Unreviewed

CVE-2024-39361 was published Jul 3, 2024

Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote... Low Unreviewed

CVE-2024-36257 was published Jul 3, 2024

Improper Validation of Array Index vulnerability in Samsung Open Source Walrus Webassembly... Low Unreviewed

CVE-2024-32673 was published Jul 3, 2024

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to... Low Unreviewed

CVE-2024-34600 was published Jul 2, 2024

Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to... Low Unreviewed

CVE-2024-34599 was published Jul 2, 2024

Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to... Low Unreviewed

CVE-2024-34597 was published Jul 2, 2024

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed

CVE-2024-31071 was published Jul 2, 2024

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed

CVE-2024-36278 was published Jul 2, 2024

NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it... Low Unreviewed

CVE-2024-39846 was published Jun 29, 2024

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by... Low Unreviewed

CVE-2024-3995 was published Jun 29, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed

CVE-2024-39157 was published Jun 27, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed

CVE-2024-39156 was published Jun 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11... Low Unreviewed

CVE-2024-4011 was published Jun 27, 2024

A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000... Low Unreviewed

CVE-2024-6344 was published Jun 26, 2024

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2... Low Unreviewed

CVE-2024-28830 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... Low Unreviewed

CVE-2024-37141 was published Jun 26, 2024

An authentication issue was addressed with improved state management. This issue is fixed in... Low Unreviewed

CVE-2024-27867 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Low Unreviewed

CVE-2024-29177 was published Jun 26, 2024

HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed

CVE-2023-37541 was published Jun 25, 2024

Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether... Low Unreviewed

CVE-2024-6300 was published Jun 25, 2024

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally... Low Unreviewed

CVE-2024-32855 was published Jun 25, 2024

udn News Android APP stores the user session in logcat file when user log into the APP. A... Low Unreviewed

CVE-2024-6294 was published Jun 25, 2024

udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed

CVE-2024-6295 was published Jun 25, 2024

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue... Low Unreviewed

CVE-2022-44593 was published Jun 21, 2024

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Low Unreviewed

CVE-2024-38507 was published Jun 18, 2024

Previous 1 2 … 17 18 19 20 21 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,068 advisories