GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
103,281 advisories
Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&&...
High
Unreviewed
CVE-2024-37860
was published
Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30964
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-...
High
Unreviewed
CVE-2024-30963
was published
Dec 6, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-...
High
Unreviewed
CVE-2024-30962
was published
Dec 6, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2...
High
Unreviewed
CVE-2024-30961
was published
Dec 6, 2024
In store_upgrade and store_cmd of drivers/input/touchscreen/stm/ftm4_pdc.c, there are out of...
High
Unreviewed
CVE-2018-9388
was published
Dec 6, 2024
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a...
High
Unreviewed
CVE-2024-11148
was published
Dec 5, 2024
JSFinder commit d70ab9bc5221e016c08cffaf0d9ac79646c90645 is vulnerable to Directory Traversal in...
High
Unreviewed
CVE-2024-53523
was published
Dec 5, 2024
GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's...
High
Unreviewed
CVE-2024-53589
was published
Dec 5, 2024
A “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that...
High
Unreviewed
CVE-2024-11155
was published
Dec 5, 2024
An “out of bounds write” code execution vulnerability exists in the Rockwell Automation Arena® ...
High
Unreviewed
CVE-2024-11156
was published
Dec 5, 2024
An “out of bounds read” code execution vulnerability exists in the Rockwell Automation Arena® ...
High
Unreviewed
CVE-2024-12130
was published
Dec 5, 2024
Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java.
High
Unreviewed
CVE-2024-53490
was published
Dec 5, 2024
WeGIA v3.2.0 was discovered to contain a Cross-Site Request Forgery (CSRF).
High
Unreviewed
CVE-2024-53472
was published
Dec 5, 2024
An “uninitialized variable” code execution vulnerability exists in the Rockwell Automation...
High
Unreviewed
CVE-2024-11158
was published
Dec 5, 2024
User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows...
High
Unreviewed
CVE-2024-52271
was published
Dec 5, 2024
Configuration Download vulnerabilities allow access to dependency configuration information. ...
High
Unreviewed
CVE-2024-51542
was published
Dec 5, 2024
Service Control vulnerabilities allow access to service restart requests and vm configuration...
High
Unreviewed
CVE-2024-51544
was published
Dec 5, 2024
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers...
High
Unreviewed
CVE-2024-45318
was published
Dec 5, 2024
Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy....
High
Unreviewed
CVE-2024-40763
was published
Dec 5, 2024
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ...
High
Unreviewed
CVE-2024-51546
was published
Dec 5, 2024
Default Credential vulnerabilities in ASPECT on Linux allows access to the product using publicly...
High
Unreviewed
CVE-2024-51554
was published
Dec 5, 2024
Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ...
High
Unreviewed
CVE-2024-51548
was published
Dec 5, 2024
This vulnerability exists in the TP-Link Archer C50 due to improper signature verification...
High
Unreviewed
CVE-2024-54126
was published
Dec 5, 2024
Web browser interface may manipulate application username/password in clear text or Base64...
High
Unreviewed
CVE-2024-6515
was published
Dec 5, 2024
ProTip! Advisories are also available from the GraphQL API.