Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

256,479 advisories

Loading
Duplicate Advisory: Querydsl SQL/HQL injection High
GHSA-wpvf-5mc3-hv6m was published for com.querydsl:querydsl-apt (Maven) Nov 20, 2024 withdrawn
Moodle IDOR when deleting OAuth2 linked accounts Moderate
CVE-2024-45690 was published for moodle/moodle (Composer) Nov 20, 2024
In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: add missing... Moderate Unreviewed
CVE-2024-50291 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet:... Moderate Unreviewed
CVE-2024-50297 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash... Moderate Unreviewed
CVE-2024-50296 was published Nov 19, 2024
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate... Moderate Unreviewed
CVE-2024-50298 was published Nov 19, 2024
Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in... Moderate Unreviewed
CVE-2024-53975 was published Nov 26, 2024
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize... Moderate Unreviewed
CVE-2024-50302 was published Nov 19, 2024
Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of... High Unreviewed
CVE-2024-11699 was published Nov 26, 2024
Missing thread synchronization primitives could have led to a data race on members of the... Moderate Unreviewed
CVE-2024-11708 was published Nov 26, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search... Unknown Unreviewed
CVE-2024-53635 was published Nov 27, 2024
In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at... Unknown Unreviewed
CVE-2024-53920 was published Nov 27, 2024
A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID... Unknown Unreviewed
CVE-2024-53604 was published Nov 27, 2024
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID... Unknown Unreviewed
CVE-2024-53603 was published Nov 27, 2024
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
Stored Cross-Site Scripting in the Access Request History in Omada Identity before version 15... Unknown Unreviewed
CVE-2024-52951 was published Nov 27, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Unknown Unreviewed
CVE-2024-46054 was published Nov 27, 2024
OpenVidReview 1.0 is vulnerable to Cross Site Scripting (XSS) in review names. Unknown Unreviewed
CVE-2024-46055 was published Nov 27, 2024
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via... Moderate Unreviewed
CVE-2023-34658 was published Jun 29, 2023
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video... High Unreviewed
CVE-2023-34656 was published Jun 29, 2023
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message... Moderate Unreviewed
CVE-2023-34761 was published Jun 28, 2023
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13.... Moderate Unreviewed
CVE-2022-48505 was published Jun 28, 2023
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid... Low Unreviewed
CVE-2024-36468 was published Nov 27, 2024
A non-admin user account on the Zabbix frontend with the default User role, or with any other... Critical Unreviewed
CVE-2024-42327 was published Nov 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database