GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
10,757 advisories
Filter by severity
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1
could allow a non-privileged local user to exploit a...
Moderate
Unreviewed
CVE-2024-47102
was published
Dec 25, 2024
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on...
Moderate
Unreviewed
CVE-2024-41886
was published
Dec 24, 2024
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on...
Moderate
Unreviewed
CVE-2024-41887
was published
Dec 24, 2024
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer...
Low
Unreviewed
CVE-2024-12014
was published
Dec 20, 2024
Browsershot Improper Input Validation vulnerability
High
CVE-2024-21549
was published
for
spatie/browsershot
(Composer)
Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful...
High
Unreviewed
CVE-2022-32144
was published
Dec 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful...
High
Unreviewed
CVE-2022-32204
was published
Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-34159
was published
Dec 20, 2024
OpenShift Must Gather Operator Improper Input Validation vulnerability
High
CVE-2024-25131
was published
for
github.com/openshift/must-gather
(Go)
Dec 19, 2024
Due to the flaws in the verification of input parameters, the attacker can input carefully...
High
Unreviewed
CVE-2020-12487
was published
Dec 17, 2024
Velocidex WinPmem versions below 4.1 suffer from an Improper Input Validation vulnerability...
High
Unreviewed
CVE-2024-10972
was published
Dec 16, 2024
Browsershot Local File Inclusion
High
CVE-2024-21544
was published
for
spatie/browsershot
(Composer)
Dec 13, 2024
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally...
High
Unreviewed
CVE-2024-47238
was published
Dec 12, 2024
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2024-54108
was published
Dec 12, 2024
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2024-54109
was published
Dec 12, 2024
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this...
High
Unreviewed
CVE-2024-54107
was published
Dec 12, 2024
Denial of service (DoS) vulnerability in the installation module
Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2024-54101
was published
Dec 12, 2024
Vulnerability of improper access control in the secure input module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-54100
was published
Dec 12, 2024
Duplicate Advisory: cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs
Moderate
CVE-2024-12401
was published
for
github.com/cert-manager/cert-manager
(Go)
Dec 12, 2024
•
withdrawn
Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-49073
was published
Dec 12, 2024
Windows Mobile Broadband Driver Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-49087
was published
Dec 12, 2024
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
High
Unreviewed
CVE-2024-49057
was published
Dec 12, 2024
sigstore has insufficient validation of integration timestamp during verification
Low
CVE-2024-55655
was published
for
sigstore
(pip)
Dec 11, 2024
CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and...
Critical
Unreviewed
CVE-2024-11737
was published
Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-43755
was published
Dec 11, 2024
ProTip!
Advisories are also available from the
GraphQL API