Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,603 advisories

Loading
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards... High Unreviewed
CVE-2023-38522 was published Jul 26, 2024
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed
CVE-2024-35161 was published Jul 26, 2024
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name &... Moderate Unreviewed
CVE-2024-25090 was published Jul 26, 2024
The "reset password" login page accepted an HTML injection via URL parameters. This has already... Moderate Unreviewed
CVE-2024-3938 was published Jul 26, 2024
snapd failed to properly check the file type when extracting a snap Moderate
CVE-2024-29068 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android... High Unreviewed
CVE-2024-7014 was published Jul 23, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Moderate Unreviewed
CVE-2024-41839 was published Jul 23, 2024
Apache Syncope Improper Input Validation vulnerability Moderate
CVE-2024-38503 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui (Maven) Jul 22, 2024
Apache CXF Denial of Service vulnerability in JOSE Moderate
CVE-2024-32007 was published for org.apache.cxf:cxf-rt-rs-security-jose (Maven) Jul 19, 2024
Absent Input Validation in BinaryHttpParser High
CVE-2024-40642 was published for io.netty.incubator:netty-incubator-codec-bhttp (Maven) Jul 18, 2024
shombo
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.... Critical Unreviewed
CVE-2024-23469 was published Jul 17, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote... High Unreviewed
CVE-2024-3173 was published Jul 17, 2024
An input validation vulnerability exists in the Rockwell Automation 5015 - AENFTXT when a... High Unreviewed
CVE-2024-6089 was published Jul 16, 2024
Improper input validation in the installer for Zoom Workplace Desktop App for Windows before... Moderate Unreviewed
CVE-2024-39827 was published Jul 15, 2024
Improper input validation in the installer for some Zoom Apps for Windows may allow an... High Unreviewed
CVE-2024-27240 was published Jul 15, 2024
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a... Moderate Unreviewed
CVE-2024-27241 was published Jul 15, 2024
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by... High Unreviewed
CVE-2024-40520 was published Jul 12, 2024
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by... High Unreviewed
CVE-2024-40518 was published Jul 12, 2024
Mimekit has vulnerable dependency that can lead to denial of service High
GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
StefanJonssonInExchange
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,... High Unreviewed
CVE-2024-5681 was published Jul 11, 2024
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper... Moderate Unreviewed
CVE-2024-39513 was published Jul 11, 2024
An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper... Moderate Unreviewed
CVE-2024-39511 was published Jul 11, 2024
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2024-5913 was published Jul 10, 2024
@discordjs/opus vulnerable to Denial of Service High
CVE-2024-21521 was published for @discordjs/opus (npm) Jul 10, 2024
vladfrangu
A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile... Moderate Unreviewed
CVE-2024-27386 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API