GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
10,758 advisories
Filter by severity
The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability...
High
Unreviewed
CVE-2024-33700
was published
Oct 30, 2024
Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi...
Moderate
Unreviewed
CVE-2023-34983
was published
Oct 29, 2024
Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi...
Moderate
Unreviewed
CVE-2023-28374
was published
Oct 29, 2024
Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi...
Moderate
Unreviewed
CVE-2023-25951
was published
Oct 29, 2024
mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of...
High
Unreviewed
CVE-2024-6868
was published
Oct 29, 2024
There is a command injection vulnerability in ZTE MF258 Pro product. Due to insufficient...
Moderate
Unreviewed
CVE-2024-22065
was published
Oct 29, 2024
NVIDIA vGPU software contains a vulnerability in the GPU kernel driver of the vGPU Manager for...
High
Unreviewed
CVE-2024-0127
was published
Oct 26, 2024
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a...
High
Unreviewed
CVE-2024-0126
was published
Oct 26, 2024
Denied Host Validation Bypass in Zitadel Actions
Moderate
CVE-2024-49753
was published
for
github.com/zitadel/zitadel
(Go)
Oct 25, 2024
Apache Syncope: Stored XSS in Console and Enduser
Moderate
CVE-2024-45031
was published
for
org.apache.syncope.client:syncope-client-console
(Maven)
Oct 24, 2024
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100...
Moderate
Unreviewed
CVE-2023-42776
was published
Oct 24, 2024
A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2024-20495
was published
Oct 23, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20274
was published
Oct 23, 2024
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
High
Unreviewed
CVE-2024-6333
was published
Oct 17, 2024
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is ...
Moderate
Unreviewed
CVE-2024-29155
was published
Oct 16, 2024
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.
High
Unreviewed
CVE-2024-9348
was published
Oct 16, 2024
Account users in Apache CloudStack by default are allowed to upload and register templates for...
High
Unreviewed
CVE-2024-45219
was published
Oct 16, 2024
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy
Critical
CVE-2024-48914
was published
for
@vendure/asset-server-plugin
(npm)
Oct 15, 2024
An unauthenticated local attacker can gain admin privileges by deploying a config file due to...
High
Unreviewed
CVE-2024-45271
was published
Oct 15, 2024
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory...
High
Unreviewed
CVE-2024-6207
was published
Oct 14, 2024
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &...
Moderate
Unreviewed
CVE-2024-9507
was published
Oct 11, 2024
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS...
High
Unreviewed
CVE-2024-8755
was published
Oct 11, 2024
Improper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-24463
was published
Oct 10, 2024
Magento Open Source Improper Input Validation vulnerability
Moderate
CVE-2024-45117
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper...
High
Unreviewed
CVE-2024-9286
was published
Oct 9, 2024
ProTip!
Advisories are also available from the
GraphQL API