Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,485 advisories

Sylius potentially vulnerable to Cross Site Scripting via "Name" field (Taxons, Products, Options, Variants) in Admin Panel Low
CVE-2024-34349 was published for sylius/sylius (Composer) May 10, 2024
thelounge may publicly disclose of all usernames/idents via port 113 Low
GHSA-g49q-jw42-6x85 was published for thelounge (npm) May 9, 2024
Juerd
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage... Low Unreviewed
CVE-2024-28971 was published May 8, 2024
Dell PowerProtect DM5500 version 5.15.0.0 and prior contains an insecure deserialization... Low Unreviewed
CVE-2024-22460 was published May 8, 2024
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34999 was published May 8, 2024
Bentley View SKP File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2022-43652 was published May 8, 2024
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-35000 was published May 8, 2024
BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-35001 was published May 8, 2024
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2022-43656 was published May 8, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34969 was published May 8, 2024
Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34973 was published May 8, 2024
Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure... Low Unreviewed
CVE-2021-34970 was published May 8, 2024
Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34976 was published May 8, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2021-34972 was published May 8, 2024
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability.... Low Unreviewed
CVE-2021-34951 was published May 8, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2021-34949 was published May 8, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
An Unverified Password Change could allow a malicious actor with API access to the device to... Low Unreviewed
CVE-2024-29208 was published May 7, 2024
An Improper Access Control could allow a malicious actor authenticated in the API to enable... Low Unreviewed
CVE-2024-29206 was published May 7, 2024
Kimai information disclosure vulnerability Low
CVE-2024-4596 was published for kimai/kimai (Composer) May 7, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through... Low Unreviewed
CVE-2024-3757 was published May 7, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL... Low Unreviewed
CVE-2024-31078 was published May 7, 2024
Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1... Low Unreviewed
CVE-2024-20855 was published May 7, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources leads to infinite recursion... Low Unreviewed
CVE-2024-4568 was published May 6, 2024
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as... Low Unreviewed
CVE-2024-4528 was published May 6, 2024
ProTip! Advisories are also available from the GraphQL API