Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,304 advisories

Loading
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36743 was published Jun 6, 2024
Apport does not disable python crash handler before entering chroot High Unreviewed
CVE-2022-28657 was published Jun 5, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to... High Unreviewed
CVE-2024-32988 was published May 22, 2024
Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions High Unreviewed
CVE-2022-0555 was published Jun 3, 2024
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi... High Unreviewed
CVE-2024-36728 was published Jun 3, 2024
Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via... High Unreviewed
CVE-2024-36569 was published Jun 3, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29830 was published May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29829 was published May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29846 was published May 31, 2024
An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x... High Unreviewed
CVE-2024-29848 was published May 31, 2024
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote... High Unreviewed
CVE-2024-22059 was published May 31, 2024
An issue in Debezium Community debezium-ui v.2.5 allows a local attacker to execute arbitrary... High Unreviewed
CVE-2024-28736 was published May 31, 2024
In the Linux kernel, the following vulnerability has been resolved: s390/decompressor: specify... High Unreviewed
CVE-2023-52733 was published May 21, 2024
asdcplib (aka AS-DCP Lib) 2.13.1 has a heap-based buffer over-read in ASDCP::TimedText::MXFReader... High Unreviewed
CVE-2024-37017 was published May 31, 2024
Out of bounds memory access in Keyboard Inputs in Google Chrome prior to 125.0.6422.141 allowed a... High Unreviewed
CVE-2024-5497 was published May 31, 2024
Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote... High Unreviewed
CVE-2024-5499 was published May 31, 2024
Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker... High Unreviewed
CVE-2024-5493 was published May 31, 2024
Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote... High Unreviewed
CVE-2024-5496 was published May 31, 2024
Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to... High Unreviewed
CVE-2024-5494 was published May 31, 2024
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix... High Unreviewed
CVE-2021-47327 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use... High Unreviewed
CVE-2021-47356 was published May 21, 2024
Syslifters SysReptor before 2024.40 has a CSRF vulnerability for WebSocket connections. High Unreviewed
CVE-2024-36076 was published May 19, 2024
In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee... High Unreviewed
CVE-2024-35869 was published May 19, 2024
In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in... High Unreviewed
CVE-2024-35821 was published May 17, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the... High Unreviewed
CVE-2024-35081 was published May 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database