Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,944
Erlang
29
GitHub Actions
16
Go
1,729
Maven
4,955
npm
3,489
NuGet
607
pip
3,056
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,394 advisories

An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0,... Critical Unreviewed
CVE-2024-35213 was published Jun 11, 2024
Win32k Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30087 was published Jun 11, 2024
Windows Wi-Fi Driver Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30078 was published Jun 11, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-35212 was published Jun 11, 2024
Import functionality is vulnerable to DNS rebinding attacks between verification and processing... Unknown Unreviewed
CVE-2024-36471 was published Jun 11, 2024
In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows... High Unreviewed
CVE-2024-3150 was published Jun 6, 2024
Authentication bypass in dtale Critical
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Arbitrary file deletion in litellm Moderate
CVE-2024-4888 was published for litellm (pip) Jun 6, 2024
Local file inclusion in gradio High
CVE-2024-4941 was published for gradio (pip) Jun 6, 2024
mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input... High Unreviewed
CVE-2024-3152 was published Jun 6, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow.... Unknown Unreviewed
CVE-2024-5171 was published Jun 5, 2024
A vulnerability in the web-based management interface of Cisco Finesse could allow an... Moderate Unreviewed
CVE-2024-20405 was published Jun 5, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... Moderate Unreviewed
CVE-2024-23669 was published Jun 5, 2024
Missing security headers in Action Pack on non-HTML responses Moderate
CVE-2024-28103 was published for actionpack (RubyGems) Jun 4, 2024
shinkbr
MLFlow improper input validation High
CVE-2024-37061 was published for mlflow (pip) Jun 4, 2024
qdrant input validation failure Critical
CVE-2024-3829 was published for qdrant-client (pip) Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... High Unreviewed
CVE-2024-23668 was published Jun 3, 2024
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint Critical
CVE-2024-3584 was published for qdrant (Rust) Jun 2, 2024
MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service High Unreviewed
CVE-2024-36390 was published Jun 2, 2024
Moodle ReCAPTCHA can be bypassed on the login page Moderate
CVE-2024-34009 was published for moodle/moodle (Composer) May 31, 2024
Moodle Improper Input Validation High
CVE-2024-33999 was published for moodle/moodle (Composer) May 31, 2024
Moodle broken access control when setting calendar event type Moderate
CVE-2024-33996 was published for moodle/moodle (Composer) May 31, 2024
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information... Moderate Unreviewed
CVE-2024-22338 was published May 31, 2024
TYPO3 Brute Force Protection Bypass in backend login Moderate
GHSA-jqr8-q455-xx45 was published for typo3/cms (Composer) May 30, 2024
TYPO3 Arbitrary Shell Execution in Swiftmailer library High
GHSA-45xg-4w5x-j429 was published for typo3/cms (Composer) May 30, 2024
ProTip! Advisories are also available from the GraphQL API