Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

239,017 advisories

Loading
Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-12752 was published Dec 30, 2024
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-13047 was published Dec 30, 2024
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-13046 was published Dec 30, 2024
Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-13049 was published Dec 30, 2024
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-13050 was published Dec 30, 2024
Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-13051 was published Dec 30, 2024
iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive... Low Unreviewed
CVE-2024-11946 was published Dec 30, 2024
Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution... High Unreviewed
CVE-2024-13045 was published Dec 30, 2024
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-13044 was published Dec 30, 2024
Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-13048 was published Dec 30, 2024
Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability... High Unreviewed
CVE-2024-13043 was published Dec 30, 2024
Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2024-12753 was published Dec 30, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-12751 was published Dec 30, 2024
iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability... High Unreviewed
CVE-2024-11944 was published Dec 30, 2024
A vulnerability was found in Tsinghua Unigroup Electronic Archives Management System 3.2.210802... Moderate Unreviewed
CVE-2024-13042 was published Dec 30, 2024
Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution... High Unreviewed
CVE-2024-12835 was published Dec 30, 2024
Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows... Critical Unreviewed
CVE-2024-12828 was published Dec 30, 2024
Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-12836 was published Dec 30, 2024
Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-12834 was published Dec 30, 2024
Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL... Moderate Unreviewed
CVE-2024-46542 was published Dec 30, 2024
AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local... Moderate Unreviewed
CVE-2024-12754 was published Dec 30, 2024
IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to... High Unreviewed
CVE-2024-54181 was published Dec 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API... Critical Unreviewed
CVE-2024-10044 was published Dec 30, 2024
Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm High Unreviewed
CVE-2024-47921 was published Dec 30, 2024
Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site... High Unreviewed
CVE-2024-47920 was published Dec 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database