Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

100,173 advisories

Loading
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11575 was published Nov 22, 2024
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11542 was published Nov 22, 2024
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11558 was published Nov 22, 2024
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11557 was published Nov 22, 2024
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11539 was published Nov 22, 2024
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file... High Unreviewed
CVE-2024-0353 was published Feb 15, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows... High Unreviewed
CVE-2024-40405 was published Nov 14, 2024
A full path disclosure in Cybele Software Thinfinity Workspace before v7.0.2.113 allows attackers... High Unreviewed
CVE-2024-40407 was published Nov 14, 2024
By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46462 was published Nov 15, 2024
By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI... High Unreviewed
CVE-2024-46466 was published Nov 15, 2024
By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other... High Unreviewed
CVE-2024-46467 was published Nov 15, 2024
By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46465 was published Nov 15, 2024
IrfanView RLE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11518 was published Nov 22, 2024
By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46463 was published Nov 15, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed
CVE-2024-40408 was published Nov 14, 2024
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-11522 was published Nov 22, 2024
DotNetZip Directory Traversal vulnerability High
CVE-2024-48510 was published for DotNetZip (NuGet) Nov 13, 2024
Foorcee
MLflow's excessive directory permissions allow local privilege escalation High
CVE-2024-27134 was published for mlflow (pip) Nov 25, 2024
Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination High
CVE-2024-10039 was published for org.keycloak:keycloak-core (Maven) Nov 25, 2024
ahus1
H2O vulnerable to Deserialization of Untrusted Data High
CVE-2024-6960 was published for ai.h2o:h2o-core (Maven) Jul 21, 2024
Python Twisted trustRoot is not respected in HTTP client High
CVE-2014-7143 was published for twisted (pip) Dec 17, 2019
Keycloak Build Process Exposes Sensitive Data High
CVE-2024-10451 was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 25, 2024
Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-9745 was published Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution... High Unreviewed
CVE-2024-9739 was published Nov 22, 2024
IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-9261 was published Nov 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database