GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
119 advisories
Filter by severity
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This...
Moderate
Unreviewed
CVE-2024-5823
was published
Oct 29, 2024
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code...
High
Unreviewed
CVE-2024-45826
was published
Sep 12, 2024
In certain highly specific configurations of the host system and MongoDB server binary...
Moderate
Unreviewed
CVE-2024-8207
was published
Aug 27, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7911
was published
Aug 18, 2024
A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute...
Moderate
Unreviewed
CVE-2024-6079
was published
Aug 13, 2024
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an...
Moderate
Unreviewed
CVE-2024-28962
was published
Aug 6, 2024
HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during...
High
Unreviewed
CVE-2024-6717
was published
Jul 23, 2024
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-38049
was published
Jul 9, 2024
CloudLinux
CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to
the sendmail...
Moderate
Unreviewed
CVE-2020-36772
was published
Jan 22, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by...
Moderate
Unreviewed
CVE-2024-0728
was published
Jan 19, 2024
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to...
Critical
Unreviewed
CVE-2023-5716
was published
Jan 19, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49864
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49863
was published
Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image...
Moderate
Unreviewed
CVE-2023-49862
was published
Jan 10, 2024
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been...
Moderate
Unreviewed
CVE-2023-6618
was published
Dec 8, 2023
In visitUris of Notification.java, there is a possible way to display images from another user...
Moderate
Unreviewed
CVE-2023-35668
was published
Dec 5, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple...
High
Unreviewed
CVE-2023-5247
was published
Nov 30, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356....
High
Unreviewed
CVE-2023-39542
was published
Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-40194
was published
Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit...
High
Unreviewed
CVE-2023-35985
was published
Nov 27, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user...
Moderate
Unreviewed
CVE-2023-34982
was published
Nov 15, 2023
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused...
Moderate
Unreviewed
CVE-2023-40139
was published
Oct 27, 2023
On affected Wago products an remote attacker with administrative privileges can access files to...
Low
Unreviewed
CVE-2023-4089
was published
Oct 17, 2023
Local privilege escalation due to improper soft link handling. The following products are...
Moderate
Unreviewed
CVE-2023-44209
was published
Oct 4, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open...
High
Unreviewed
CVE-2023-32615
was published
Sep 5, 2023
ProTip!
Advisories are also available from the
GraphQL API