Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

503 advisories

Loading
The Page Restriction WordPress (WP) – Protect WP Pages/Post plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11297 was published Dec 20, 2024
A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This... Moderate Unreviewed
CVE-2024-12663 was published Dec 16, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS... Moderate Unreviewed
CVE-2024-54476 was published Dec 12, 2024
In the LG LAF component, there is a special command that allowed modification of certain... High Unreviewed
CVE-2018-9364 was published Nov 19, 2024
A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated,... Moderate Unreviewed
CVE-2020-26062 was published Nov 18, 2024
Observable discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may... High Unreviewed
CVE-2024-28885 was published Nov 13, 2024
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This... Moderate Unreviewed
CVE-2024-11159 was published Nov 13, 2024
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not... Moderate Unreviewed
CVE-2020-10367 was published Nov 11, 2024
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not... Moderate Unreviewed
CVE-2020-10369 was published Nov 11, 2024
In the Linux kernel, the following vulnerability has been resolved: x86: fix user address... Moderate Unreviewed
CVE-2024-50102 was published Nov 5, 2024
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed
CVE-2024-41741 was published Nov 1, 2024
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-40490 was published Nov 1, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed
CVE-2024-7010 was published Oct 29, 2024
Video frames could have been leaked between origins in some situations. This vulnerability... High Unreviewed
CVE-2024-10463 was published Oct 29, 2024
Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent... Moderate Unreviewed
CVE-2024-50383 was published Oct 23, 2024
Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent... Moderate Unreviewed
CVE-2024-50382 was published Oct 23, 2024
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware... Moderate Unreviewed
CVE-2024-48644 was published Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of... Moderate Unreviewed
CVE-2024-47678 was published Oct 21, 2024
Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business... Moderate Unreviewed
CVE-2024-21206 was published Oct 15, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Moderate Unreviewed
CVE-2024-21233 was published Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are... Low Unreviewed
CVE-2024-21210 was published Oct 15, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are... Low Unreviewed
CVE-2024-21251 was published Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21208 was published Oct 15, 2024
Gradio performs a non-constant-time comparison when comparing hashes Moderate
CVE-2024-47869 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden... Low Unreviewed
CVE-2023-36325 was published Oct 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database