GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
11,252 advisories
Filter by severity
When exporting media types, the password is exported in the YAML in plain text. This appears to...
Low
Unreviewed
CVE-2024-36464
was published
Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from...
Low
Unreviewed
CVE-2024-42331
was published
Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft...
Low
Unreviewed
CVE-2024-42332
was published
Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory...
Low
Unreviewed
CVE-2024-42333
was published
Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is...
Low
Unreviewed
CVE-2024-42328
was published
Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the...
Low
Unreviewed
CVE-2024-42329
was published
Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid...
Low
Unreviewed
CVE-2024-36468
was published
Nov 27, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
Low
CVE-2024-52008
was published
for
ethyca-fides
(pip)
Nov 26, 2024
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon...
Low
Unreviewed
CVE-2024-22117
was published
Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi...
Low
Unreviewed
CVE-2024-8160
was published
Nov 26, 2024
deno_doc's HTML generator vulnerable to Cross-site Scripting
Low
CVE-2024-32468
was published
for
deno_doc
(Rust)
Nov 25, 2024
@sveltejs/kit vulnerable to on dev mode 404 page
Low
CVE-2024-53261
was published
for
@sveltejs/kit
(npm)
Nov 25, 2024
@sveltejs/kit has unescaped error message included on error page
Low
CVE-2024-53262
was published
for
@sveltejs/kit
(npm)
Nov 25, 2024
Improper handling of WiFi information by framework services can allow certain malicious...
Low
Unreviewed
CVE-2020-12492
was published
Nov 25, 2024
Duplicate Advisory: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path
Low
GHSA-6vrw-mpj8-3j59
was published
for
org.keycloak:keycloak-quarkus-server
(Maven)
Nov 25, 2024
•
withdrawn
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings...
Low
Unreviewed
CVE-2024-10710
was published
Nov 25, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9251
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9253
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability...
Low
Unreviewed
CVE-2024-9252
was published
Nov 23, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9246
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9256
was published
Nov 23, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability....
Low
Unreviewed
CVE-2024-7511
was published
Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7391
was published
Nov 23, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9749
was published
Nov 22, 2024
Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9752
was published
Nov 22, 2024
ProTip!
Advisories are also available from the
GraphQL API