GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,266
Erlang: 31
GitHub Actions: 21
Go: 2,041
Maven: 5,000+
npm: 3,733
NuGet: 662
pip: 3,414
Pub: 12
RubyGems: 891
Rust: 866
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
258,988 advisories
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12200 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12199 was published Dec 17, 2024
Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited,...
High | Unreviewed | CVE-2024-10476 was published Dec 17, 2024
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12192 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12191 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a...
High | Unreviewed | CVE-2024-12179 was published Dec 17, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align...
Unknown | Unreviewed | CVE-2024-53144 was published Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of...
High | Unreviewed | CVE-2024-12198 was published Dec 17, 2024
A NULL pointer dereference in the plugins_call_handle_uri_clean function of D-Link DAP-1520...
Moderate | Unreviewed | CVE-2024-36831 was published Dec 17, 2024
A NULL pointer dereference in D-Link DIR-860L REVB_FIRMWARE_2.04.B04_ic5b allows attackers to...
Moderate | Unreviewed | CVE-2024-37605 was published Dec 17, 2024
A Buffer overflow vulnerability in D-Link DAP-2555 REVA_FIRMWARE_1.20 allows remote attackers to...
Moderate | Unreviewed | CVE-2024-37607 was published Dec 17, 2024
Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet.
Moderate | Unreviewed | CVE-2024-55554 was published Dec 17, 2024
A Stored Cross-Site Scripting (XSS) vulnerability exists in authenticated SVG file upload and...
Moderate | Unreviewed | CVE-2024-55451 was published Dec 17, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric...
Critical | Unreviewed | CVE-2024-55557 was published Dec 16, 2024
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as...
Moderate | Unreviewed | CVE-2024-37773 was published Dec 17, 2024
A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9.1.2 allows attackers to...
Moderate | Unreviewed | CVE-2024-37776 was published Dec 17, 2024
iptraf-ng 1.2.1 has a stack-based buffer overflow.
Critical | Unreviewed | CVE-2024-52949 was published Dec 17, 2024
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online...
Moderate | Unreviewed | CVE-2024-55100 was published Dec 16, 2024
Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities...
High | Unreviewed | CVE-2024-55104 was published Dec 16, 2024
In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due...
High | Unreviewed | CVE-2024-34731 was published Aug 16, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due...
High | Unreviewed | CVE-2024-34743 was published Aug 16, 2024
In onCreate of WifiDialogActivity.java, there is a possible way to bypass the...
High | Unreviewed | CVE-2024-23704 was published May 7, 2024
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-37329 was published May 3, 2024
Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48494 was published Jun 19, 2023
ProTip! Advisories are also available from the GraphQL API.