GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
356 advisories
Filter by severity
Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an...
Low
Unreviewed
CVE-2024-32485
was published
Nov 13, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
Low
Unreviewed
CVE-2024-50560
was published
Nov 12, 2024
Ansible-Core vulnerable to content protections bypass
Low
CVE-2024-11079
was published
for
ansible-core
(pip)
Nov 12, 2024
Symfony has an incorrect response from Validator when input ends with `\n`
Low
CVE-2024-50343
was published
for
symfony/symfony
(Composer)
Nov 6, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft...
Low
Unreviewed
CVE-2024-8518
was published
Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input.
Low
Unreviewed
CVE-2024-43697
was published
Oct 8, 2024
Apache Druid: Users can provide MySQL JDBC properties not on allow list
Low
CVE-2024-45537
was published
for
org.apache.druid:druid
(Maven)
Sep 17, 2024
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1...
Low
Unreviewed
CVE-2024-24973
was published
Aug 14, 2024
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid...
Low
Unreviewed
CVE-2023-31366
was published
Aug 13, 2024
Concrete CMS Stored Cross-site Scripting vulnerability
Low
CVE-2024-4350
was published
for
concrete5/concrete5
(Composer)
Aug 12, 2024
Concrete CMS Stored XSS in getAttributeSetName
Low
CVE-2024-7394
was published
for
concrete5/concrete5
(Composer)
Aug 8, 2024
Concrete CMS vulnerable to Stored Cross-site Scripting
Low
CVE-2024-4353
was published
for
concrete5/concrete5
(Composer)
Aug 1, 2024
Improper Input Validation of query search results for private field data in PingIDM OPENIDM ...
Low
Unreviewed
CVE-2024-23600
was published
Aug 1, 2024
The fuels-ts typescript SDK has no awareness of to-be-spent transactions
Low
CVE-2024-41945
was published
for
@fuel-ts/account
(npm)
Jul 30, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-36226
was published
Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-26127
was published
Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-26126
was published
Jun 13, 2024
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an...
Low
Unreviewed
CVE-2023-43745
was published
May 16, 2024
Insufficient verification vulnerability in the system sharing pop-up module
Impact: Successful...
Low
Unreviewed
CVE-2024-32989
was published
May 14, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in...
Low
Unreviewed
CVE-2024-28977
was published
Apr 24, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
Low
CVE-2024-3177
was published
for
k8s.io/kubernetes
(Go)
Apr 23, 2024
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input...
Low
Unreviewed
CVE-2023-31028
was published
Apr 5, 2024
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input...
Low
Unreviewed
CVE-2024-0080
was published
Apr 5, 2024
Concrete CMS Stored XSS in blocks of type file
Low
CVE-2024-3180
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter
Low
CVE-2024-3178
was published
for
concrete5/concrete5
(Composer)
Apr 3, 2024
ProTip!
Advisories are also available from the
GraphQL API