GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability...
High
Unreviewed
CVE-2022-36392
was published
Aug 11, 2023
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High
Unreviewed
CVE-2024-9348
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers...
High
Unreviewed
CVE-2023-45539
was published
Nov 28, 2023
An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High
Unreviewed
CVE-2024-45271
was published
Oct 15, 2024
Input verification vulnerability in the audio module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39382
was published
Aug 13, 2023
Input verification vulnerability in the storage module. Successful exploitation of this...
High
Unreviewed
CVE-2023-39381
was published
Aug 13, 2023
Vulnerability of input parameter verification in certain APIs in the window management module....
High
Unreviewed
CVE-2023-39390
was published
Aug 13, 2023
Vulnerability of input parameters being not strictly verified in the PMS module. Successful...
High
Unreviewed
CVE-2023-39386
was published
Aug 13, 2023
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible...
High
Unreviewed
CVE-2024-34739
was published
Aug 16, 2024
Windows App Installer Spoofing Vulnerability
High
Unreviewed
CVE-2024-38177
was published
Aug 13, 2024
Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with...
High
Unreviewed
CVE-2024-38473
was published
Jul 1, 2024
An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via...
High
Unreviewed
CVE-2024-27629
was published
Jun 29, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server...
High
Unreviewed
CVE-2024-4177
was published
Jun 6, 2024
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with...
High
Unreviewed
CVE-2023-36921
was published
Jul 11, 2023
Controller DoS due to stack overflow when decoding a message from the server
High
Unreviewed
CVE-2023-24480
was published
Jul 13, 2023
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)...
High
Unreviewed
CVE-2019-12675
was published
May 24, 2022
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)...
High
Unreviewed
CVE-2019-12674
was published
May 24, 2022
LibreOffice documents can contain macros. The execution of those macros is controlled by the...
High
Unreviewed
CVE-2019-9853
was published
May 24, 2022
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary...
High
Unreviewed
CVE-2018-16386
was published
May 24, 2022
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can...
High
Unreviewed
CVE-2023-4571
was published
Aug 30, 2023
A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a...
High
Unreviewed
CVE-2024-1064
was published
Feb 3, 2024
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability...
High
Unreviewed
CVE-2023-3997
was published
Jul 31, 2023
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x...
High
Unreviewed
CVE-2020-26116
was published
May 24, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially...
High
Unreviewed
CVE-2022-39958
was published
Sep 21, 2022
ProTip!
Advisories are also available from the
GraphQL API