Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,007 advisories

Loading
The Client secret is not checked when using the OAuth Password grant type. By exploiting this... Low Unreviewed
CVE-2024-12056 was published Dec 4, 2024
In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed
CVE-2024-54153 was published Dec 4, 2024
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of... Low Unreviewed
CVE-2024-54158 was published Dec 4, 2024
In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project... Low Unreviewed
CVE-2024-54155 was published Dec 4, 2024
Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php... Low Unreviewed
CVE-2024-53502 was published Dec 4, 2024
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can... Low Unreviewed
CVE-2024-53921 was published Dec 3, 2024
Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows... Low Unreviewed
CVE-2024-49414 was published Dec 3, 2024
Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows... Low Unreviewed
CVE-2024-49417 was published Dec 3, 2024
A security vulnerability in HPE IceWall products could be exploited remotely to cause... Low Unreviewed
CVE-2024-11856 was published Dec 2, 2024
Multiple FCNT Android devices provide the original security features such as "privacy mode" where... Low Unreviewed
CVE-2024-53701 was published Nov 29, 2024
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers... Low Unreviewed
CVE-2024-46939 was published Nov 28, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft... Low Unreviewed
CVE-2024-42332 was published Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from... Low Unreviewed
CVE-2024-42331 was published Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory... Low Unreviewed
CVE-2024-42333 was published Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the... Low Unreviewed
CVE-2024-42329 was published Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is... Low Unreviewed
CVE-2024-42328 was published Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid... Low Unreviewed
CVE-2024-36468 was published Nov 27, 2024
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi... Low Unreviewed
CVE-2024-8160 was published Nov 26, 2024
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-10710 was published Nov 25, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9246 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9253 was published Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2024-9252 was published Nov 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database