Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118 advisories

Loading
CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code... High Unreviewed
CVE-2024-45826 was published Sep 12, 2024
In certain highly specific configurations of the host system and MongoDB server binary... Moderate Unreviewed
CVE-2024-8207 was published Aug 27, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been... Moderate Unreviewed
CVE-2024-7911 was published Aug 18, 2024
A vulnerability exists in the Rockwell Automation Emulate3D™, which could be leveraged to execute... Moderate Unreviewed
CVE-2024-6079 was published Aug 13, 2024
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an... Moderate Unreviewed
CVE-2024-28962 was published Aug 6, 2024
HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during... High Unreviewed
CVE-2024-6717 was published Jul 23, 2024
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-38049 was published Jul 9, 2024
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by... Moderate Unreviewed
CVE-2024-0728 was published Jan 19, 2024
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to... Critical Unreviewed
CVE-2023-5716 was published Jan 19, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49864 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49862 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49863 was published Jan 10, 2024
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been... Moderate Unreviewed
CVE-2023-6618 was published Dec 8, 2023
In visitUris of Notification.java, there is a possible way to display images from another user... Moderate Unreviewed
CVE-2023-35668 was published Dec 5, 2023
Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple... High Unreviewed
CVE-2023-5247 was published Nov 30, 2023
A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356.... High Unreviewed
CVE-2023-39542 was published Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-40194 was published Nov 27, 2023
An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit... High Unreviewed
CVE-2023-35985 was published Nov 27, 2023
This external control vulnerability, if exploited, could allow a local OS-authenticated user... Moderate Unreviewed
CVE-2023-34982 was published Nov 15, 2023
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused... Moderate Unreviewed
CVE-2023-40139 was published Oct 27, 2023
On affected Wago products an remote attacker with administrative privileges can access files to... Low Unreviewed
CVE-2023-4089 was published Oct 17, 2023
Local privilege escalation due to improper soft link handling. The following products are... Moderate Unreviewed
CVE-2023-44209 was published Oct 4, 2023
A file write vulnerability exists in the OAS Engine configuration functionality of Open... High Unreviewed
CVE-2023-32615 was published Sep 5, 2023
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
ProTip! Advisories are also available from the GraphQL API