GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
242 advisories
Filter by severity
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain...
High
Unreviewed
CVE-2024-43704
was published
Nov 18, 2024
Windows GDI Information Disclosure Vulnerability.
High
Unreviewed
CVE-2022-21904
was published
Jan 12, 2022
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.
High
Unreviewed
CVE-2022-21880
was published
Jan 12, 2022
Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a...
High
Unreviewed
CVE-2024-24985
was published
Nov 13, 2024
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an...
High
Unreviewed
CVE-2023-34119
was published
Jul 11, 2023
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High
Unreviewed
CVE-2021-20124
was published
May 24, 2022
A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download...
High
Unreviewed
CVE-2021-20123
was published
May 24, 2022
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted...
High
Unreviewed
CVE-2022-24975
was published
Feb 12, 2022
Windows MSHTML Platform Spoofing Vulnerability
High
Unreviewed
CVE-2024-38112
was published
Jul 9, 2024
Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an...
High
Unreviewed
CVE-2024-21813
was published
May 16, 2024
A local attacker with low privileges can read and modify any users files and cause a DoS in the...
High
Unreviewed
CVE-2023-5751
was published
Jun 4, 2024
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to...
High
Unreviewed
CVE-2024-3019
was published
Mar 28, 2024
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
High
Unreviewed
CVE-2022-24309
was published
Mar 9, 2022
Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate...
High
Unreviewed
CVE-2023-6096
was published
Apr 26, 2024
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to...
High
Unreviewed
CVE-2023-26588
was published
Apr 11, 2023
The Bluetooth module has a vulnerability in permission control for broadcast notifications...
High
Unreviewed
CVE-2023-44101
was published
Oct 11, 2023
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ...
High
Unreviewed
CVE-2023-44122
was published
Sep 27, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The...
High
Unreviewed
CVE-2023-43783
was published
Sep 22, 2023
Vulnerability of input parameters being not strictly verified in the AMS module. Successful...
High
Unreviewed
CVE-2023-39383
was published
Aug 13, 2023
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients'...
High
Unreviewed
CVE-2023-38830
was published
Aug 10, 2023
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information...
High
Unreviewed
CVE-2023-38955
was published
Aug 3, 2023
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe...
High
Unreviewed
CVE-2023-3670
was published
Jul 28, 2023
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an...
High
Unreviewed
CVE-2022-46901
was published
Jul 25, 2023
An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via...
High
Unreviewed
CVE-2023-37599
was published
Jul 14, 2023
ProTip!
Advisories are also available from the
GraphQL API