Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,190 advisories

Loading
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed
CVE-2024-34743 was published Aug 16, 2024
In onCreate of WifiDialogActivity.java, there is a possible way to bypass the... High Unreviewed
CVE-2024-23704 was published May 7, 2024
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-37329 was published May 3, 2024
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48492 was published Jun 19, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48497 was published Jun 19, 2023
The MC990 X and UV300 RMC component has and inadequate default configuration that could be... High Unreviewed
CVE-2023-30905 was published Jun 16, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48486 was published Jun 19, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48490 was published Jun 19, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48489 was published Jun 19, 2023
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will... High Unreviewed
CVE-2022-48493 was published Jun 19, 2023
An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean... High Unreviewed
CVE-2023-35809 was published Jun 18, 2023
Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER... High Unreviewed
CVE-2019-13510 was published May 24, 2022
Laravel Pulse Allows Remote Code Execution via Unprotected Query Method High
CVE-2024-55661 was published for laravel/pulse (Composer) Dec 13, 2024
angelej
MinIO vulnerable to privilege escalation in IAM import API High
CVE-2024-55949 was published for github.com/minio/minio (Go) Dec 16, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers... High Unreviewed
CVE-2024-37774 was published Dec 17, 2024
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed
CVE-2024-38499 was published Dec 17, 2024
The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member... High Unreviewed
CVE-2024-8326 was published Dec 17, 2024
The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-12024 was published Dec 17, 2024
undertow: information leakage via HTTP/2 request header reuse High
CVE-2024-4109 was published for io.undertow:undertow-core (Maven) Dec 12, 2024
The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2024-12293 was published Dec 17, 2024
Locally installed application can bypass the permission check and perform system operations that... High Unreviewed
CVE-2021-26280 was published Dec 17, 2024
CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause... High Unreviewed
CVE-2024-11999 was published Dec 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database