GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,470 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35630
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34801
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34767
was published
Jun 3, 2024
Memory corruption in Audio during a playback or a recording due to race condition between...
Moderate
Unreviewed
CVE-2023-43543
was published
Jun 3, 2024
transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA.
Moderate
Unreviewed
CVE-2024-21478
was published
Jun 3, 2024
Information disclosure while handling T2LM Action Frame in WLAN Host.
Moderate
Unreviewed
CVE-2023-43537
was published
Jun 3, 2024
Memory corruption when IPC callback handle is used after it has been released during register...
Moderate
Unreviewed
CVE-2023-43544
was published
Jun 3, 2024
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
High
Unreviewed
CVE-2024-23363
was published
Jun 3, 2024
Memory corruption when more scan frequency list or channels are sent from the user space.
Moderate
Unreviewed
CVE-2023-43545
was published
Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23667
was published
Jun 3, 2024
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
Critical
Unreviewed
CVE-2023-43538
was published
Jun 3, 2024
Memory corruption in Hypervisor when platform information mentioned is not aligned.
Critical
Unreviewed
CVE-2023-43556
was published
Jun 3, 2024
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the...
Critical
Unreviewed
CVE-2023-43551
was published
Jun 3, 2024
Memory corruption while copying a keyblob`s material when the key material`s size is not...
High
Unreviewed
CVE-2023-43542
was published
Jun 3, 2024
Information disclosure in Video while parsing mp2 clip with invalid section length.
High
Unreviewed
CVE-2023-43555
was published
Jun 3, 2024
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.
High
Unreviewed
CVE-2024-23360
was published
Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23668
was published
Jun 3, 2024
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6...
Moderate
Unreviewed
CVE-2024-23664
was published
Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23670
was published
Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue...
Moderate
Unreviewed
CVE-2024-35635
was published
Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue...
Moderate
Unreviewed
CVE-2024-35633
was published
Jun 3, 2024
Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below,...
Moderate
Unreviewed
CVE-2024-23665
was published
Jun 3, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Contact...
Moderate
Unreviewed
CVE-2024-34754
was published
Jun 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
fs/9p: only translate RWX...
Unknown
Unreviewed
CVE-2024-36964
was published
Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin:...
Moderate
Unreviewed
CVE-2024-35637
was published
Jun 3, 2024
ProTip!
Advisories are also available from the
GraphQL API