Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

269 advisories

Loading
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET... Moderate Unreviewed
CVE-2022-30361 was published Oct 25, 2024
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker... Moderate Unreviewed
CVE-2024-10041 was published Oct 23, 2024
HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that... Moderate Unreviewed
CVE-2024-30122 was published Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform... Moderate Unreviewed
CVE-2024-20462 was published Oct 16, 2024
An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48783 was published Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21211 was published Oct 15, 2024
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User... Moderate Unreviewed
CVE-2024-21258 was published Oct 15, 2024
An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-48770 was published Oct 11, 2024
An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes,... High Unreviewed
CVE-2024-42018 was published Oct 11, 2024
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could... Low Unreviewed
CVE-2024-30132 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface... Low Unreviewed
CVE-2024-28808 was published Sep 30, 2024
An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows... Moderate Unreviewed
CVE-2024-46635 was published Sep 30, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-45374 was published Sep 26, 2024
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static... Moderate Unreviewed
CVE-2024-43694 was published Sep 26, 2024
In the goTenna Pro application, the encryption keys are stored along with a static IV on the... Moderate Unreviewed
CVE-2024-47122 was published Sep 26, 2024
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used... High Unreviewed
CVE-2024-39339 was published Sep 18, 2024
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT... Moderate Unreviewed
CVE-2024-5288 was published Aug 27, 2024
An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker... Moderate Unreviewed
CVE-2024-42677 was published Aug 15, 2024
A lock screen issue was addressed with improved state management. This issue is fixed in watchOS... Moderate Unreviewed
CVE-2024-40813 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app... Low Unreviewed
CVE-2024-40832 was published Jul 30, 2024
A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties... Moderate Unreviewed
CVE-2024-6916 was published Jul 19, 2024
The vulnerability allows a malicious low-privileged PAM user to access information about other... Moderate Unreviewed
CVE-2024-38496 was published Jul 15, 2024
In ensureFileColumns of MediaProvider.java, there is a possible disclosure of files owned by... Moderate Unreviewed
CVE-2024-34721 was published Jul 9, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed
CVE-2024-29953 was published Jun 26, 2024
An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access... Moderate Unreviewed
CVE-2024-35526 was published Jun 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database