Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,757 advisories

Loading
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7... Low Unreviewed
CVE-2024-6685 was published Sep 17, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an... Low Unreviewed
CVE-2024-36261 was published Sep 16, 2024
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to... Low Unreviewed
CVE-2023-25546 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Low Unreviewed
CVE-2024-28170 was published Sep 16, 2024
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible Low Unreviewed
CVE-2024-46970 was published Sep 16, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the... Low Unreviewed
CVE-2024-8869 was published Sep 16, 2024
The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not... Low Unreviewed
CVE-2024-36066 was published Sep 12, 2024
An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2... Low Unreviewed
CVE-2024-6446 was published Sep 12, 2024
Affected versions of Octopus Server had a weak content security policy. Low Unreviewed
CVE-2024-1656 was published Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web... Low Unreviewed
CVE-2024-36511 was published Sep 10, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted... Low Unreviewed
CVE-2024-8443 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Low Unreviewed
CVE-2024-37995 was published Sep 10, 2024
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options... Low Unreviewed
CVE-2024-8258 was published Sep 10, 2024
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory... Low Unreviewed
CVE-2024-42425 was published Sep 10, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A... Low Unreviewed
CVE-2024-39582 was published Sep 10, 2024
An authenticated attacker with high privilege can use functions of SLCM transactions to which... Low Unreviewed
CVE-2024-45284 was published Sep 10, 2024
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform... Low Unreviewed
CVE-2024-41728 was published Sep 10, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed
CVE-2024-44114 was published Sep 10, 2024
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing... Low Unreviewed
CVE-2024-8042 was published Sep 9, 2024
A vulnerability has been identified in Node.js, affecting users of the experimental permission... Low Unreviewed
CVE-2024-36137 was published Sep 7, 2024
An improper certificate validation vulnerability has been reported to affect QuMagie. If... Low Unreviewed
CVE-2024-38642 was published Sep 6, 2024
An improper restriction of excessive authentication attempts vulnerability has been reported to... Low Unreviewed
CVE-2024-32771 was published Sep 6, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,... Low Unreviewed
CVE-2024-27125 was published Sep 6, 2024
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when... Low Unreviewed
CVE-2024-6792 was published Sep 6, 2024
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been... Low Unreviewed
CVE-2024-8417 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API