GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,266
Erlang: 31
GitHub Actions: 21
Go: 2,041
Maven: 5,000+
npm: 3,733
NuGet: 662
pip: 3,414
Pub: 12
RubyGems: 891
Rust: 866
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
101,183 advisories
Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution...
High · Unreviewed · CVE-2024-47480 was published Dec 18, 2024

A flaw was found in Open Cluster Management (OCM) when a user has access to the worker nodes...
High · Unreviewed · CVE-2024-9779 was published Dec 18, 2024

Next.js authorization bypass vulnerability
High · CVE-2024-51479 was published for next (npm) Dec 17, 2024

In multiple locations, there is a possible permissions bypass due to a missing null check. This...
High · Unreviewed · CVE-2024-34719 was published Nov 13, 2024

CyberPanel before 2.3.8 allows remote authenticated users to execute arbitrary commands via shell...
High · Unreviewed · CVE-2024-53376 was published Dec 16, 2024

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain...
High · Unreviewed · CVE-2024-38922 was published Dec 7, 2024

In updateInternal of MediaProvider.java, there is a possible access of another app's files due...
High · Unreviewed · CVE-2024-43089 was published Nov 13, 2024

In wifi_item_edit_content of styles.xml, there is a possible FRP bypass due to Missing check for...
High · Unreviewed · CVE-2024-40650 was published Sep 11, 2024

In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to...
High · Unreviewed · CVE-2024-40661 was published Nov 13, 2024

In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary...
High · Unreviewed · CVE-2024-40671 was published Nov 13, 2024

In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to...
High · Unreviewed · CVE-2024-40658 was published Sep 11, 2024

In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi...
High · Unreviewed · CVE-2024-31332 was published Jul 9, 2024

In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by...
High · Unreviewed · CVE-2024-31324 was published Jul 9, 2024

In onCreate of multiple files, there is a possible way to trick the user into granting health...
High · Unreviewed · CVE-2024-31323 was published Jul 9, 2024

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI...
High · Unreviewed · CVE-2023-21139 was published Jun 15, 2023

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due...
High · Unreviewed · CVE-2023-21138 was published Jun 15, 2023

jfinal CMS 5.1.0 has an arbitrary file read vulnerability.
High · Unreviewed · CVE-2023-34645 was published Jun 16, 2023

Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High · CVE-2024-50379 was published for org.apache.tomcat:tomcat-catalina (Maven) Dec 17, 2024

A NULL pointer dereference in D-Link DAP-1513 REVA_FIRMWARE_1.01 allows attackers to cause a...
High · Unreviewed · CVE-2024-36832 was published Dec 17, 2024

In availableToWriteBytes of MessageQueueBase.h, there is a possible out of bounds write due to an...
High · Unreviewed · CVE-2024-31313 was published Jul 9, 2024

In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due...
High · Unreviewed · CVE-2024-34725 was published Jul 9, 2024

In CompanionDeviceManagerService.java, there is a possible way to pair a companion device without...
High · Unreviewed · CVE-2024-31318 was published Jul 9, 2024

In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a...
High · Unreviewed · CVE-2024-31319 was published Jul 9, 2024

Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the...
High · Unreviewed · CVE-2024-55103 was published Dec 16, 2024

In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible...
High · Unreviewed · CVE-2024-34740 was published Aug 16, 2024
ProTip! Advisories are also available from the GraphQL API