Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,986 advisories

Loading
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not... Low Unreviewed
CVE-2020-10368 was published Nov 11, 2024
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a... Low Unreviewed
CVE-2024-0037 was published Feb 16, 2024
Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower... Low Unreviewed
CVE-2020-3301 was published May 24, 2022
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's... Low Unreviewed
CVE-2024-0053 was published Mar 11, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi... Low Unreviewed
CVE-2024-8160 was published Nov 26, 2024
NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it... Low Unreviewed
CVE-2024-39846 was published Jun 29, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed
CVE-2024-28811 was published Sep 30, 2024
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-10710 was published Nov 25, 2024
RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS... Low Unreviewed
CVE-2024-44575 was published Sep 11, 2024
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9251 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9256 was published Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2024-9252 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9253 was published Nov 23, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9246 was published Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-7391 was published Nov 23, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability.... Low Unreviewed
CVE-2024-7511 was published Nov 23, 2024
In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing... Low Unreviewed
CVE-2024-25991 was published Mar 11, 2024
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as... Low Unreviewed
CVE-2024-10920 was published Nov 6, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9763 was published Nov 22, 2024
Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9760 was published Nov 22, 2024
Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9762 was published Nov 22, 2024
Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9752 was published Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9754 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database