Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,667 advisories

Loading
The fuels-ts typescript SDK has no awareness of to-be-spent transactions Low
CVE-2024-41945 was published for @fuel-ts/account (npm) Jul 30, 2024
Torres-ssf danielbate
Dhaiwat10 petertonysmith94 maschad arboleya
The AIomatic - Automatic AI Content Writer for WordPress is vulnerable to arbitrary email sending... Moderate Unreviewed
CVE-2024-5969 was published Jul 27, 2024
Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force... High Unreviewed
CVE-2024-35296 was published Jul 26, 2024
Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards... High Unreviewed
CVE-2023-38522 was published Jul 26, 2024
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed
CVE-2024-35161 was published Jul 26, 2024
Insufficient input validation and sanitation in Profile name & screenname, Bookmark name &... Moderate Unreviewed
CVE-2024-25090 was published Jul 26, 2024
The "reset password" login page accepted an HTML injection via URL parameters. This has already... Moderate Unreviewed
CVE-2024-3938 was published Jul 26, 2024
snapd failed to properly check the file type when extracting a snap Moderate
CVE-2024-29068 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android... High Unreviewed
CVE-2024-7014 was published Jul 23, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Moderate Unreviewed
CVE-2024-41839 was published Jul 23, 2024
Apache Syncope Improper Input Validation vulnerability Moderate
CVE-2024-38503 was published for org.apache.syncope.client.idrepo:syncope-client-idrepo-common-ui (Maven) Jul 22, 2024
Apache CXF Denial of Service vulnerability in JOSE Moderate
CVE-2024-32007 was published for org.apache.cxf:cxf-rt-rs-security-jose (Maven) Jul 19, 2024
Absent Input Validation in BinaryHttpParser High
CVE-2024-40642 was published for io.netty.incubator:netty-incubator-codec-bhttp (Maven) Jul 18, 2024
shombo
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.... Critical Unreviewed
CVE-2024-23469 was published Jul 17, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote... High Unreviewed
CVE-2024-3173 was published Jul 17, 2024
An input validation vulnerability exists in the Rockwell Automation 5015 - AENFTXT when a... High Unreviewed
CVE-2024-6089 was published Jul 16, 2024
Improper input validation in the installer for Zoom Workplace Desktop App for Windows before... Moderate Unreviewed
CVE-2024-39827 was published Jul 15, 2024
Improper input validation in the installer for some Zoom Apps for Windows may allow an... High Unreviewed
CVE-2024-27240 was published Jul 15, 2024
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a... Moderate Unreviewed
CVE-2024-27241 was published Jul 15, 2024
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by... High Unreviewed
CVE-2024-40520 was published Jul 12, 2024
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by... High Unreviewed
CVE-2024-40518 was published Jul 12, 2024
Mimekit has vulnerable dependency that can lead to denial of service High
GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
StefanJonssonInExchange
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,... High Unreviewed
CVE-2024-5681 was published Jul 11, 2024
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper... Moderate Unreviewed
CVE-2024-39513 was published Jul 11, 2024
An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper... Moderate Unreviewed
CVE-2024-39511 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database