GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
89,625 advisories
An ActiveMQ Discovery service was reachable by default from an OpenEdge Management installation...
High | Unreviewed | CVE-2024-7654 was published Sep 3, 2024

Host name validation for TLS certificates is bypassed when the installed OpenEdge default...
High | Unreviewed | CVE-2024-7346 was published Sep 3, 2024

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit...
High | Unreviewed | CVE-2024-7345 was published Sep 3, 2024

Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an...
High | Unreviewed | CVE-2024-6473 was published Sep 3, 2024

This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45588 was published Sep 3, 2024

UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via...
High | Unreviewed | CVE-2024-8374 was published Sep 3, 2024

This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45587 was published Sep 3, 2024

This vulnerability exists due to improper access controls on APIs in the Authentication module of...
High | Unreviewed | CVE-2024-45586 was published Sep 3, 2024

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel...
High | Unreviewed | CVE-2024-3655 was published Sep 3, 2024

VMware Fusion (13.x before 13.6) contains a code-execution vulnerability due to the usage of an...
High | Unreviewed | CVE-2024-38811 was published Sep 3, 2024

A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through...
High | Unreviewed | CVE-2024-42058 was published Sep 3, 2024

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High | Unreviewed | CVE-2024-42059 was published Sep 3, 2024

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High | Unreviewed | CVE-2024-42060 was published Sep 3, 2024

A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware...
High | Unreviewed | CVE-2024-5412 was published Sep 3, 2024

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High | Unreviewed | CVE-2024-7203 was published Sep 3, 2024

A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions...
High | Unreviewed | CVE-2024-42057 was published Sep 3, 2024

The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version...
High | Unreviewed | CVE-2024-1621 was published Sep 2, 2024

Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc....
High | Unreviewed | CVE-2024-6921 was published Sep 2, 2024

Memory corruption when the captureRead QDCM command is invoked from user-space.
High | Unreviewed | CVE-2024-33047 was published Sep 2, 2024

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
High | Unreviewed | CVE-2024-33045 was published Sep 2, 2024

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
High | Unreviewed | CVE-2024-33051 was published Sep 2, 2024

A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release...
High | Unreviewed | CVE-2024-7938 was published Sep 2, 2024

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length...
High | Unreviewed | CVE-2024-33050 was published Sep 2, 2024

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
High | Unreviewed | CVE-2024-33048 was published Sep 2, 2024

Memory corruption when Alternative Frequency offset value is set to 255.
High | Unreviewed | CVE-2024-33042 was published Sep 2, 2024
ProTip! Advisories are also available from the GraphQL API.