GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
247 advisories
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a...
Moderate
Unreviewed
CVE-2024-3843
was published
Apr 17, 2024
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2024-31784
was published
Apr 16, 2024
Apache Zeppelin: Replacing other users notebook, bypassing any permissions
Moderate
CVE-2024-31863
was published
for
org.apache.zeppelin:zeppelin-server
(Maven)
Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748...
Moderate
Unreviewed
CVE-2024-30190
was published
Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748...
High
Unreviewed
CVE-2024-30191
was published
Apr 9, 2024
A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),...
Moderate
Unreviewed
CVE-2024-30189
was published
Apr 9, 2024
Ollama DNS rebinding vulnerability
High
CVE-2024-28224
was published
for
github.com/ollama/ollama
(Go)
Apr 8, 2024
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it...
Unknown
Unreviewed
CVE-2024-29006
was published
Apr 4, 2024
An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code...
Moderate
Unreviewed
CVE-2024-31008
was published
Apr 3, 2024
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification...
High
Unreviewed
CVE-2024-22092
was published
Apr 2, 2024
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in...
Moderate
Unreviewed
CVE-2024-28228
was published
Mar 7, 2024
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS...
High
Unreviewed
CVE-2024-22457
was published
Mar 1, 2024
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security
Moderate
CVE-2024-21494
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows...
Moderate
Unreviewed
CVE-2023-7169
was published
Feb 8, 2024
An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via...
High
Unreviewed
CVE-2024-22519
was published
Feb 7, 2024
An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones...
High
Unreviewed
CVE-2024-22520
was published
Feb 7, 2024
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
Moderate
Unreviewed
CVE-2023-6044
was published
Jan 19, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-4566
was published
Jan 16, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-44117
was published
Jan 16, 2024
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a...
Moderate
Unreviewed
CVE-2023-4001
was published
Jan 15, 2024
ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and...
Moderate
Unreviewed
CVE-2024-0454
was published
Jan 12, 2024
A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and...
Critical
Unreviewed
CVE-2023-51350
was published
Jan 12, 2024
Windows Kerberos Security Feature Bypass Vulnerability
Critical
Unreviewed
CVE-2024-20674
was published
Jan 9, 2024
Header spoofing in caddy-geo-ip
Moderate
CVE-2023-50463
was published
for
github.com/shift72/caddy-geo-ip
(Go)
Dec 11, 2023
An issue was discovered in Network Optix NxCloud before 23.1.0.40440. It was possible to add a...
High
Unreviewed
CVE-2023-6263
was published
Nov 22, 2023