Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

101,354 advisories

Loading
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution High
CVE-2024-56327 was published for pyrage (pip) Dec 19, 2024
gaby woodruffw
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2024-44211 was published Dec 20, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44231 was published Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed
CVE-2022-32144 was published Dec 20, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1.... High Unreviewed
CVE-2024-44195 was published Dec 20, 2024
In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and... High Unreviewed
CVE-2024-26793 was published Apr 4, 2024
Luxion KeyShot 3DS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11576 was published Nov 22, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat... High Unreviewed
CVE-2024-12672 was published Dec 19, 2024
A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol... High Unreviewed
CVE-2023-7005 was published Dec 19, 2024
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting... High Unreviewed
CVE-2024-10385 was published Dec 20, 2024
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed
CVE-2024-12677 was published Dec 20, 2024
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to... High Unreviewed
CVE-2024-5160 was published May 22, 2024
Luxion KeyShot ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-11580 was published Nov 22, 2024
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of... High Unreviewed
CVE-2024-26792 was published Apr 4, 2024
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on... High Unreviewed
CVE-2024-26800 was published Apr 4, 2024
Duplicate Advisory: Keycloak Open Redirect vulnerability High
GHSA-vvf8-2h68-9475 was published for org.keycloak:keycloak-services (Maven) Sep 19, 2024 withdrawn
Keycloak has session fixation in Elytron SAML adapters High
CVE-2024-7341 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024
Chetven
Duplicate Advisory: Keycloak Session Fixation vulnerability High
GHSA-j76j-rqwj-jmvv was published for org.keycloak:keycloak-services (Maven) Sep 9, 2024 withdrawn
stianst
Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak High
CVE-2024-8698 was published for org.keycloak:keycloak-saml-core (Maven) Oct 14, 2024
Chetven
Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-9730 was published Nov 22, 2024
Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-9731 was published Nov 22, 2024
On Unix platforms, the Go runtime does not behave differently when a binary is run with the... High Unreviewed
CVE-2023-29403 was published Jun 8, 2023
In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly... High Unreviewed
CVE-2024-26791 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database