Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,761 advisories

Loading
SiYuan has an arbitrary file deletion vulnerability High
CVE-2025-21609 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 3, 2025
N0el4kLs
Karmada PULL Mode Cluster Privilege Escalation High
CVE-2024-56513 was published for github.com/karmada-io/karmada (Go) Jan 3, 2025
zhzhuang-zju RainbowMango
SHIRO-BAKO suidpit TheZ3ro
PhpSpreadsheet allows unauthorized Reflected XSS in `Convert-Online.php` file High
CVE-2024-56408 was published for phpoffice/phpexcel (Composer) Jan 3, 2025
zly123987
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a high... High Unreviewed
CVE-2024-9138 was published Jan 3, 2025
In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed
CVE-2024-53841 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53840 was published Jan 3, 2025
there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed
CVE-2024-53835 was published Jan 3, 2025
In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-47032 was published Jan 3, 2025
there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed
CVE-2024-11624 was published Jan 3, 2025
In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out... High Unreviewed
CVE-2024-53838 was published Jan 3, 2025
In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read... High Unreviewed
CVE-2024-53834 was published Jan 3, 2025
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-53837 was published Jan 3, 2025
In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-53833 was published Jan 3, 2025
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass... High Unreviewed
CVE-2024-43764 was published Jan 3, 2025
In multiple locations, there is a possible way to avoid unbinding of a service from the system... High Unreviewed
CVE-2024-43762 was published Jan 3, 2025
In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due... High Unreviewed
CVE-2024-43767 was published Jan 3, 2025
In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43097 was published Jan 3, 2025
In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds write due to an integer... High Unreviewed
CVE-2024-43768 was published Jan 3, 2025
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed
CVE-2024-43769 was published Jan 3, 2025
In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to... High Unreviewed
CVE-2024-43077 was published Jan 3, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2024-55543 was published Jan 2, 2025
A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated... High Unreviewed
CVE-2024-9950 was published Jan 2, 2025
Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly... High Unreviewed
CVE-2023-48758 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56014 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database