Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+

237,173 advisories

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2023-20239 was published May 22, 2024
A vulnerability in the file policy feature that is used to inspect encrypted archive files of... Moderate Unreviewed
CVE-2024-20261 was published May 22, 2024
Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to... Unknown Unreviewed
CVE-2024-5158 was published May 22, 2024
Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker... Unknown Unreviewed
CVE-2024-5159 was published May 22, 2024
Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to... Unknown Unreviewed
CVE-2024-5157 was published May 22, 2024
A vulnerability in the Object Groups for Access Control Lists (ACLs) feature of Cisco Firepower... Moderate Unreviewed
CVE-2024-20361 was published May 22, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option... Moderate Unreviewed
CVE-2024-21791 was published May 22, 2024
xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer Overflow via libs/dicom/basic.c... Unknown Unreviewed
CVE-2024-29421 was published May 22, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a... Moderate Unreviewed
CVE-2024-4563 was published May 22, 2024
An Insecure Direct Object Reference in Google Cloud's Looker allowed metadata exposure across... Moderate Unreviewed
CVE-2024-5166 was published May 22, 2024
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... High Unreviewed
CVE-2024-20360 was published May 22, 2024
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to... Unknown Unreviewed
CVE-2024-5160 was published May 22, 2024
Ecshop 3.6 is vulnerable to Cross Site Scripting (XSS) via ecshop/article_cat.php. Unknown Unreviewed
CVE-2024-35362 was published May 22, 2024
Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their... High Unreviewed
CVE-2024-36077 was published May 22, 2024
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System ... Moderate Unreviewed
CVE-2024-20363 was published May 22, 2024
An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows... Unknown Unreviewed
CVE-2024-33223 was published May 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0... Unknown Unreviewed
CVE-2024-33226 was published May 22, 2024
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when... Moderate Unreviewed
CVE-2024-1062 was published Feb 12, 2024
A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This... High Unreviewed
CVE-2024-21886 was published Feb 28, 2024
A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to... High Unreviewed
CVE-2024-21885 was published Feb 28, 2024
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to... High Unreviewed
CVE-2024-3019 was published Mar 28, 2024
A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with... Moderate Unreviewed
CVE-2024-1481 was published Apr 10, 2024
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code... Moderate Unreviewed
CVE-2024-2494 was published Mar 21, 2024
Podman affected by CVE-2024-1753 container escape at build time High
CVE-2024-1753 was published for github.com/containers/podman/v4 (Go) Mar 28, 2024
rmcnamara-snyk
A heap-based buffer over-read vulnerability was found in the X.org server's... High Unreviewed
CVE-2024-31081 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API