Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

94,055 advisories

Loading
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode... High Unreviewed
CVE-2024-11733 was published Jan 4, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component... High Unreviewed
CVE-2024-35365 was published Jan 3, 2025
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high... High Unreviewed
CVE-2024-9138 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-47032 was published Jan 3, 2025
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-53837 was published Jan 3, 2025
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out... High Unreviewed
CVE-2024-53838 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read... High Unreviewed
CVE-2024-53834 was published Jan 3, 2025
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed
CVE-2024-43769 was published Jan 3, 2025
In multiple locations, there is a possible way to avoid unbinding of a service from the system... High Unreviewed
CVE-2024-43762 was published Jan 3, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43097 was published Jan 3, 2025
In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43768 was published Jan 3, 2025
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass... High Unreviewed
CVE-2024-43764 was published Jan 3, 2025
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due... High Unreviewed
CVE-2024-43767 was published Jan 3, 2025
In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to... High Unreviewed
CVE-2024-43077 was published Jan 3, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2024-55543 was published Jan 2, 2025
A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated... High Unreviewed
CVE-2024-9950 was published Jan 2, 2025
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly... High Unreviewed
CVE-2023-48758 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56014 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro allows Authentication... High Unreviewed
CVE-2024-39623 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database