Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

255,762 advisories

Loading
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by... Moderate Unreviewed
CVE-2024-50652 was published Nov 15, 2024
Vulnerability of input data not being verified in the cellular data module.Successful... High Unreviewed
CVE-2023-52377 was published Feb 18, 2024
An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard... Unknown Unreviewed
CVE-2024-51367 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix use-after... Unknown Unreviewed
CVE-2024-53095 was published Nov 21, 2024
Multiple endpoints in `oracle-sidecar` in versions 0.347.0 to 0.543.0 were found to be vulnerable... Moderate Unreviewed
CVE-2024-49588 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Add sendpage_ok()... Unknown Unreviewed
CVE-2024-53094 was published Nov 21, 2024
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows... Unknown Unreviewed
CVE-2024-51366 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer... Unknown Unreviewed
CVE-2024-53093 was published Nov 21, 2024
An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute... Unknown Unreviewed
CVE-2024-51364 was published Nov 21, 2024
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi. High Unreviewed
CVE-2024-53334 was published Nov 21, 2024
An arbitrary file upload vulnerability in the importSettings method of VisiCut v2.1 allows... Unknown Unreviewed
CVE-2024-51365 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and... Unknown Unreviewed
CVE-2024-53091 was published Nov 21, 2024
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'load_orders... Moderate Unreviewed
CVE-2024-9828 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Mark hrtimer... Unknown Unreviewed
CVE-2024-53089 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion ... Unknown Unreviewed
CVE-2024-53090 was published Nov 21, 2024
Cross Site Scripting vulnerability in Gibbon before v.27.0.01 and fixed in v.28.0.00 allows a... Low Unreviewed
CVE-2024-51337 was published Nov 21, 2024
In the Linux kernel, the following vulnerability has been resolved: virtio_pci: Fix admin vq... Unknown Unreviewed
CVE-2024-53092 was published Nov 21, 2024
A flaw was found in the X.org server. Due to improperly tracked allocation size in... High Unreviewed
CVE-2024-9632 was published Oct 30, 2024
Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function. High Unreviewed
CVE-2024-48286 was published Nov 21, 2024
lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain... High Unreviewed
CVE-2024-50654 was published Nov 15, 2024
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component:... Moderate Unreviewed
CVE-2024-21117 was published Apr 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21011 was published Apr 17, 2024
Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability High
CVE-2024-9355 was published for github.com/golang-fips/openssl (Go) Oct 1, 2024
qmuntal
Buildah allows arbitrary directory mount Moderate
CVE-2024-9675 was published for github.com/containers/buildah (Go) Oct 9, 2024
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related... Moderate Unreviewed
CVE-2024-36458 was published Jul 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database