GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,382

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address... Moderate Unreviewed

CVE-2024-50102 was published Nov 5, 2024

IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to... Moderate Unreviewed

CVE-2024-41741 was published Nov 1, 2024

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent... Moderate Unreviewed

CVE-2024-50383 was published Oct 23, 2024

Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent... Moderate Unreviewed

CVE-2024-50382 was published Oct 23, 2024

Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware... Moderate Unreviewed

CVE-2024-48644 was published Oct 23, 2024

In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of... Moderate Unreviewed

CVE-2024-47678 was published Oct 21, 2024

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Moderate Unreviewed

CVE-2024-21233 was published Oct 15, 2024

Vulnerability in the Oracle Enterprise Command Center Framework product of Oracle E-Business... Moderate Unreviewed

CVE-2024-21206 was published Oct 15, 2024

Windows Cryptographic Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-43546 was published Oct 8, 2024

A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as... Moderate Unreviewed

CVE-2024-9513 was published Oct 4, 2024

By checking the result of calls to `window.open` with specifically set protocol handlers, an... Moderate Unreviewed

CVE-2024-9398 was published Oct 1, 2024

The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of... Moderate Unreviewed

CVE-2024-47129 was published Sep 26, 2024

The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell... Moderate Unreviewed

CVE-2024-41715 was published Sep 26, 2024

A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that... Moderate Unreviewed

CVE-2024-8651 was published Sep 19, 2024

Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed

CVE-2024-23984 was published Sep 16, 2024

User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine... Moderate Unreviewed

CVE-2024-34336 was published Sep 12, 2024

Loway - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2024-42343 was published Sep 8, 2024

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware... Moderate Unreviewed

CVE-2024-45678 was published Sep 3, 2024

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against... Moderate Unreviewed

CVE-2024-1543 was published Aug 30, 2024

Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a... Moderate Unreviewed

CVE-2024-1544 was published Aug 27, 2024

Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy Moderate Unreviewed

CVE-2024-38431 was published Jul 30, 2024

In veilid-core in Veilid before 0.3.4, the protocol's ping function can be misused in a way that... Moderate Unreviewed

CVE-2024-41880 was published Jul 22, 2024

In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an... Moderate Unreviewed

CVE-2024-39891 was published Jul 2, 2024

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2024-36996 was published Jul 1, 2024

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error... Moderate Unreviewed

CVE-2024-38322 was published Jun 29, 2024

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories