GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,902
Maven: 5,000+
npm: 3,631
NuGet: 638
pip: 3,246
Pub: 10
RubyGems: 863
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
10,603 advisories
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards...
High | Unreviewed | CVE-2023-38522 was published on Jul 26, 2024

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can...
Critical | Unreviewed | CVE-2024-35161 was published on Jul 26, 2024

Insufficient input validation and sanitation in Profile name & screenname, Bookmark name &...
Moderate | Unreviewed | CVE-2024-25090 was published on Jul 26, 2024

The "reset password" login page accepted an HTML injection via URL parameters. This has already...
Moderate | Unreviewed | CVE-2024-3938 was published on Jul 26, 2024

snapd failed to properly check the file type when extracting a snap
Moderate | CVE-2024-29068 was published for github.com/snapcore/snapd (Go) on Jul 25, 2024

EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android...
High | Unreviewed | CVE-2024-7014 was published on Jul 23, 2024

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation...
Moderate | Unreviewed | CVE-2024-41839 was published on Jul 23, 2024

Apache Syncope Improper Input Validation vulnerability
Moderate | CVE-2024-38503 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui (Maven) on Jul 22, 2024

Apache CXF Denial of Service vulnerability in JOSE
Moderate | CVE-2024-32007 was published for org.apache.cxf:cxf-rt-rs-security-jose (Maven) on Jul 19, 2024

Absent Input Validation in BinaryHttpParser
High | CVE-2024-40642 was published for io.netty.incubator:netty-incubator-codec-bhttp (Maven) on Jul 18, 2024

SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability....
Critical | Unreviewed | CVE-2024-23469 was published on Jul 17, 2024

Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote...
High | Unreviewed | CVE-2024-3173 was published on Jul 17, 2024

An input validation vulnerability exists in the Rockwell Automation 5015 - AENFTXT when a...
High | Unreviewed | CVE-2024-6089 was published on Jul 16, 2024

Improper input validation in the installer for Zoom Workplace Desktop App for Windows before...
Moderate | Unreviewed | CVE-2024-39827 was published on Jul 15, 2024

Improper input validation in the installer for some Zoom Apps for Windows may allow an...
High | Unreviewed | CVE-2024-27240 was published on Jul 15, 2024

Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a...
Moderate | Unreviewed | CVE-2024-27241 was published on Jul 15, 2024

SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by...
High | Unreviewed | CVE-2024-40520 was published on Jul 12, 2024

SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by...
High | Unreviewed | CVE-2024-40518 was published on Jul 12, 2024

Mimekit has vulnerable dependency that can lead to denial of service
High | GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) on Jul 11, 2024

CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,...
High | Unreviewed | CVE-2024-5681 was published on Jul 11, 2024

An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper...
Moderate | Unreviewed | CVE-2024-39513 was published on Jul 11, 2024

An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper...
Moderate | Unreviewed | CVE-2024-39511 was published on Jul 11, 2024

An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an...
Moderate | Unreviewed | CVE-2024-5913 was published on Jul 10, 2024

@discordjs/opus vulnerable to Denial of Service
High | CVE-2024-21521 was published for @discordjs/opus (npm) on Jul 10, 2024

A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile...
Moderate | Unreviewed | CVE-2024-27386 was published on Jul 9, 2024

ProTip! Advisories are also available from the GraphQL API.