GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,001 advisories
Filter by severity
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can...
Low
Unreviewed
CVE-2024-53921
was published
Dec 3, 2024
Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows...
Low
Unreviewed
CVE-2024-49414
was published
Dec 3, 2024
Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows...
Low
Unreviewed
CVE-2024-49417
was published
Dec 3, 2024
A security vulnerability in HPE IceWall products could be exploited remotely to cause...
Low
Unreviewed
CVE-2024-11856
was published
Dec 2, 2024
Multiple FCNT Android devices provide the original security features such as "privacy mode" where...
Low
Unreviewed
CVE-2024-53701
was published
Nov 29, 2024
The game extension engine of versions 1.2.7.0 and earlier exposes some components, and attackers...
Low
Unreviewed
CVE-2024-46939
was published
Nov 28, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to...
Low
Unreviewed
CVE-2024-36464
was published
Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft...
Low
Unreviewed
CVE-2024-42332
was published
Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from...
Low
Unreviewed
CVE-2024-42331
was published
Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory...
Low
Unreviewed
CVE-2024-42333
was published
Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the...
Low
Unreviewed
CVE-2024-42329
was published
Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is...
Low
Unreviewed
CVE-2024-42328
was published
Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid...
Low
Unreviewed
CVE-2024-36468
was published
Nov 27, 2024
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon...
Low
Unreviewed
CVE-2024-22117
was published
Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi...
Low
Unreviewed
CVE-2024-8160
was published
Nov 26, 2024
Improper handling of WiFi information by framework services can allow certain malicious...
Low
Unreviewed
CVE-2020-12492
was published
Nov 25, 2024
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings...
Low
Unreviewed
CVE-2024-10710
was published
Nov 25, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9246
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9253
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability...
Low
Unreviewed
CVE-2024-9252
was published
Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9256
was published
Nov 23, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-9251
was published
Nov 23, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability....
Low
Unreviewed
CVE-2024-7511
was published
Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7391
was published
Nov 23, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure...
Low
Unreviewed
CVE-2024-9749
was published
Nov 22, 2024
ProTip!
Advisories are also available from the
GraphQL API