Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,575 advisories

Loading
Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205... High Unreviewed
CVE-2022-44520 was published Dec 19, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user... High Unreviewed
CVE-2024-56319 was published Dec 19, 2024
In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec,... High Unreviewed
CVE-2024-56318 was published Dec 19, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes... High Unreviewed
CVE-2024-56317 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially... High Unreviewed
CVE-2024-42220 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-41165 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted... High Unreviewed
CVE-2024-43106 was published Dec 19, 2024
Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker... High Unreviewed
CVE-2024-12694 was published Dec 19, 2024
Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to... High Unreviewed
CVE-2024-12695 was published Dec 19, 2024
An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates)... High Unreviewed
CVE-2024-55506 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094... High Unreviewed
CVE-2024-42004 was published Dec 19, 2024
A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work... High Unreviewed
CVE-2024-41145 was published Dec 19, 2024
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of... High Unreviewed
CVE-2024-41138 was published Dec 19, 2024
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to... High Unreviewed
CVE-2024-12692 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially... High Unreviewed
CVE-2024-39804 was published Dec 19, 2024
A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially... High Unreviewed
CVE-2024-41159 was published Dec 19, 2024
Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote... High Unreviewed
CVE-2024-12693 was published Dec 19, 2024
An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate... High Unreviewed
CVE-2024-55505 was published Dec 19, 2024
A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to... High Unreviewed
CVE-2024-56116 was published Dec 19, 2024
Non-linear parsing of case-insensitive content in golang.org/x/net/html High
CVE-2024-45338 was published for golang.org/x/net/html (Go) Dec 18, 2024
mkcops
Duplicate Advisory: openCart Server-Side Template Injection (SSTI) vulnerability High
GHSA-j2v2-3784-vr44 was published for opencart/opencart (Composer) Dec 18, 2024 withdrawn
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56047 was published Dec 18, 2024
A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in... High Unreviewed
CVE-2024-12741 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56053 was published Dec 18, 2024
Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects... High Unreviewed
CVE-2024-54381 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database