GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+
92,277 advisories
Filter by severity
Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX
High
CVE-2024-34360
was published
for
github.com/spacemeshos/api
(Go)
May 10, 2024
Next.js Server-Side Request Forgery in Server Actions
High
CVE-2024-34351
was published
for
next
(npm)
May 9, 2024
Next.js Vulnerable to HTTP Request Smuggling
High
CVE-2024-34350
was published
for
next
(npm)
May 9, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
High
CVE-2024-32655
was published
for
Npgsql
(NuGet)
May 9, 2024
@cyclonedx/cyclonedx-library Improper Restriction of XML External Entity Reference vulnerability
High
CVE-2024-34345
was published
for
@cyclonedx/cyclonedx-library
(npm)
May 8, 2024
BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG...
High
Unreviewed
CVE-2024-32049
was published
May 8, 2024
PTC Codebeamer is vulnerable to a cross site scripting vulnerability that could allow an...
High
Unreviewed
CVE-2024-3951
was published
May 8, 2024
When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic...
High
Unreviewed
CVE-2024-33608
was published
May 8, 2024
An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High
Unreviewed
CVE-2024-26026
was published
May 8, 2024
An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
...
High
Unreviewed
CVE-2024-28883
was published
May 8, 2024
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP...
High
Unreviewed
CVE-2024-31156
was published
May 8, 2024
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High
Unreviewed
CVE-2024-21793
was published
May 8, 2024
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic...
High
Unreviewed
CVE-2024-25560
was published
May 8, 2024
Apache Inlong Deserialization of Untrusted Data vulnerability
High
CVE-2024-26579
was published
for
org.apache.inlong:manager-pojo
(Maven)
May 8, 2024
Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects...
High
Unreviewed
CVE-2024-31270
was published
May 8, 2024
Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from...
High
Unreviewed
CVE-2024-1438
was published
May 8, 2024
Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
High
CVE-2024-34346
was published
for
deno
(Rust)
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-34553
was published
May 8, 2024
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through...
High
Unreviewed
CVE-2024-3507
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with...
High
Unreviewed
CVE-2024-22264
was published
May 8, 2024
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an...
High
Unreviewed
CVE-2024-2860
was published
May 8, 2024
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a...
High
Unreviewed
CVE-2024-1929
was published
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API