Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

292 advisories

Loading
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a... Moderate Unreviewed
CVE-2024-34397 was published May 7, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction... Moderate Unreviewed
CVE-2022-22364 was published May 3, 2024
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-50224 was published May 3, 2024
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-44447 was published May 3, 2024
Jenkins Script Security Plugin sandbox bypass vulnerability High
CVE-2024-34145 was published for org.jenkins-ci.plugins:script-security (Maven) May 2, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed
CVE-2024-1347 was published Apr 25, 2024
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by... High Unreviewed
CVE-2024-33531 was published Apr 24, 2024
Apache HugeGraph-Server: Bypass whitelist in Auth mode High
CVE-2024-27349 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed
CVE-2024-3843 was published Apr 17, 2024
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-31784 was published Apr 16, 2024
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an... Moderate Unreviewed
CVE-2024-23558 was published Apr 15, 2024
Apache Zeppelin: Replacing other users notebook, bypassing any permissions Moderate
CVE-2024-31863 was published for org.apache.zeppelin:zeppelin-server (Maven) Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... Moderate Unreviewed
CVE-2024-30190 was published Apr 9, 2024
A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),... Moderate Unreviewed
CVE-2024-30189 was published Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... High Unreviewed
CVE-2024-30191 was published Apr 9, 2024
Ollama DNS rebinding vulnerability High
CVE-2024-28224 was published for github.com/ollama/ollama (Go) Apr 8, 2024
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Unknown Unreviewed
CVE-2024-29006 was published Apr 4, 2024
An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code... Moderate Unreviewed
CVE-2024-31008 was published Apr 3, 2024
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification... High Unreviewed
CVE-2024-22092 was published Apr 2, 2024
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in... Moderate Unreviewed
CVE-2024-28228 was published Mar 7, 2024
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS... High Unreviewed
CVE-2024-22457 was published Mar 1, 2024
SMTP smuggling in Apache James High
CVE-2023-51747 was published for org.apache.james:james-server (Maven) Feb 27, 2024
oscerd
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS... Moderate Unreviewed
CVE-2023-42889 was published Feb 21, 2024
An inconsistent user interface issue was addressed with improved state management. This issue is... High Unreviewed
CVE-2023-42843 was published Feb 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database