Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,575 advisories

Loading
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting... High Unreviewed
CVE-2024-10385 was published Dec 20, 2024
Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute... High Unreviewed
CVE-2024-12677 was published Dec 20, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable... High Unreviewed
CVE-2024-40695 was published Dec 20, 2024
Socialstream has a Potential Account Takeover Vulnerability in Social Account Linking Due to Missing User Consent After OAuth Callback High
CVE-2024-56329 was published for joelbutcher/socialstream (Composer) Dec 20, 2024
carlosmintfan
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2024-44211 was published Dec 20, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... High Unreviewed
CVE-2024-44231 was published Dec 20, 2024
This issue was addressed with improved validation of the process entitlement and Team ID. This... High Unreviewed
CVE-2023-42867 was published Dec 20, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1.... High Unreviewed
CVE-2024-44195 was published Dec 20, 2024
Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This... High Unreviewed
CVE-2024-12832 was published Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-34159 was published Dec 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful... High Unreviewed
CVE-2022-32204 was published Dec 20, 2024
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-54538 was published Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed
CVE-2022-32144 was published Dec 20, 2024
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-12829 was published Dec 20, 2024
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-12830 was published Dec 20, 2024
There is an unrestricted file upload vulnerability where it is possible for an authenticated user... High Unreviewed
CVE-2024-12700 was published Dec 20, 2024
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration (ZCS) 9.0 and 10.0 and... High Unreviewed
CVE-2024-54663 was published Dec 20, 2024
Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation... High Unreviewed
CVE-2024-11364 was published Dec 19, 2024
A post-auth SQLi vulnerability in the User Portal allows authenticated users to execute code... High Unreviewed
CVE-2024-12729 was published Dec 19, 2024
Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena®... High Unreviewed
CVE-2024-12175 was published Dec 19, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat... High Unreviewed
CVE-2024-11157 was published Dec 19, 2024
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat... High Unreviewed
CVE-2024-12672 was published Dec 19, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged... High Unreviewed
CVE-2024-12111 was published Dec 19, 2024
GoPhish sends cleartext passwords High
CVE-2024-55196 was published for github.com/gophish/gophish (Go) Dec 19, 2024
Spring Framework Path Traversal vulnerability High
CVE-2024-38819 was published for org.springframework:spring-webflux (Maven) Dec 19, 2024
joshbressers
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database