Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

900 advisories

Loading
Apache DolphinScheduler vulnerable to Improper Input Validation Critical
CVE-2022-45875 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Jan 4, 2023
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0,... Critical Unreviewed
CVE-2024-44809 was published Sep 4, 2024
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™... Critical Unreviewed
CVE-2024-7988 was published Aug 26, 2024
Ezviz Internet PT Camera CS-CV246 D15655150 allows an unauthenticated host to access its live... Critical Unreviewed
CVE-2024-42531 was published Aug 23, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45167 was published Aug 22, 2024
In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve... Critical Unreviewed
CVE-2024-23717 was published Mar 11, 2024
An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial... Critical Unreviewed
CVE-2023-47003 was published Nov 16, 2023
Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-21810 was published Aug 14, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... Critical Unreviewed
CVE-2024-41940 was published Aug 13, 2024
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can... Critical Unreviewed
CVE-2024-35161 was published Jul 26, 2024
server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type. Critical Unreviewed
CVE-2024-42458 was published Aug 2, 2024
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7... Critical Unreviewed
CVE-2024-6915 was published Aug 5, 2024
Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow.... Critical Unreviewed
CVE-2024-5171 was published Jun 5, 2024
Apache Struts vulnerable to remote arbitrary command execution due to improper input validation Critical
CVE-2017-5638 was published for org.apache.struts:struts2-core (Maven) Oct 18, 2018
sunSUNQ
Improper Input Validation in Apache ActiveMQ Critical
CVE-2016-3088 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability.... Critical Unreviewed
CVE-2024-23469 was published Jul 17, 2024
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute... Critical Unreviewed
CVE-2017-6316 was published May 17, 2022
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a... Critical Unreviewed
CVE-2017-12240 was published May 13, 2022
In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command... Critical Unreviewed
CVE-2024-36053 was published May 19, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ... Critical Unreviewed
CVE-2024-2257 was published May 14, 2024
In multiple locations, there is a possible failure to persist or enforce user restrictions due to... Critical Unreviewed
CVE-2024-23705 was published May 7, 2024
Under certain circumstances the web interface will accept characters unrelated to the expected... Critical Unreviewed
CVE-2024-32755 was published Jul 2, 2024
Inadequate input validation exposes the system to potential remote code execution (RCE) risks.... Critical Unreviewed
CVE-2023-41917 was published Jul 2, 2024
An improper input validation vulnerability was discovered in Avaya IP Office that could allow... Critical Unreviewed
CVE-2024-4196 was published Jun 25, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... Critical Unreviewed
CVE-2024-34108 was published Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database