GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,653
Erlang: 29
GitHub Actions: 16
Go: 1,706
Maven: 4,938
npm: 3,471
NuGet: 603
pip: 2,985
Pub: 10
RubyGems: 826
Rust: 772
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
237,173 advisories
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
High, Unreviewed. CVE-2023-20239 was published May 22, 2024

A vulnerability in the file policy feature that is used to inspect encrypted archive files of...
Moderate, Unreviewed. CVE-2024-20261 was published May 22, 2024

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to...
Unknown, Unreviewed. CVE-2024-5158 was published May 22, 2024

Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker...
Unknown, Unreviewed. CVE-2024-5159 was published May 22, 2024

Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to...
Unknown, Unreviewed. CVE-2024-5157 was published May 22, 2024

A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower...
Moderate, Unreviewed. CVE-2024-20361 was published May 22, 2024

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option...
Moderate, Unreviewed. CVE-2024-21791 was published May 22, 2024

xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer Overflow via libs/dicom/basic.c...
Unknown, Unreviewed. CVE-2024-29421 was published May 22, 2024

The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a...
Moderate, Unreviewed. CVE-2024-4563 was published May 22, 2024

An Insecure Direct Object Reference in Google Cloud's Looker allowed metadata exposure across...
Moderate, Unreviewed. CVE-2024-5166 was published May 22, 2024

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
High, Unreviewed. CVE-2024-20360 was published May 22, 2024

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to...
Unknown, Unreviewed. CVE-2024-5160 was published May 22, 2024

Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php.
Unknown, Unreviewed. CVE-2024-35362 was published May 22, 2024

Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their...
High, Unreviewed. CVE-2024-36077 was published May 22, 2024

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System ...
Moderate, Unreviewed. CVE-2024-20363 was published May 22, 2024

An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows...
Unknown, Unreviewed. CVE-2024-33223 was published May 22, 2024

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0...
Unknown, Unreviewed. CVE-2024-33226 was published May 22, 2024

A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when...
Moderate, Unreviewed. CVE-2024-1062 was published Feb 12, 2024

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This...
High, Unreviewed. CVE-2024-21886 was published Feb 28, 2024

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to...
High, Unreviewed. CVE-2024-21885 was published Feb 28, 2024

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to...
High, Unreviewed. CVE-2024-3019 was published Mar 28, 2024

A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with...
Moderate, Unreviewed. CVE-2024-1481 was published Apr 10, 2024

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code...
Moderate, Unreviewed. CVE-2024-2494 was published Mar 21, 2024

Podman affected by CVE-2024-1753 container escape at build time
High. CVE-2024-1753 was published for github.com/containers/podman/v4 (Go) Mar 28, 2024

A heap-based buffer over-read vulnerability was found in the X.org server's...
High, Unreviewed. CVE-2024-31081 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API.