GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,633
NuGet
638
pip
3,249
Pub
10
RubyGems
865
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,761 advisories
Filter by severity
Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7722
was published
Aug 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2022-26328
was published
Aug 21, 2024
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which...
Low
Unreviewed
CVE-2024-7998
was published
Aug 21, 2024
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
Low
Unreviewed
CVE-2024-43808
was published
Aug 16, 2024
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
Low
Unreviewed
CVE-2024-43809
was published
Aug 16, 2024
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow...
Low
Unreviewed
CVE-2024-7867
was published
Aug 15, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion...
Low
Unreviewed
CVE-2024-7866
was published
Aug 15, 2024
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an...
Low
Unreviewed
CVE-2024-7868
was published
Aug 15, 2024
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1...
Low
Unreviewed
CVE-2024-24973
was published
Aug 14, 2024
Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software...
Low
Unreviewed
CVE-2023-35061
was published
Aug 14, 2024
Insufficient input validation in the ABL may allow a privileged
attacker with access to the BIOS...
Low
Unreviewed
CVE-2021-46772
was published
Aug 13, 2024
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize...
Low
Unreviewed
CVE-2023-20513
was published
Aug 13, 2024
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,...
Low
Unreviewed
CVE-2023-20512
was published
Aug 13, 2024
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged...
Low
Unreviewed
CVE-2023-31307
was published
Aug 13, 2024
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware)...
Low
Unreviewed
CVE-2023-31305
was published
Aug 13, 2024
Improper input validation in SMU may allow an attacker with privileges and a compromised physical...
Low
Unreviewed
CVE-2023-31304
was published
Aug 13, 2024
Improper input validation in AMD μProf could allow an attacker to perform a write to an invalid...
Low
Unreviewed
CVE-2023-31366
was published
Aug 13, 2024
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD...
Low
Unreviewed
CVE-2021-26387
was published
Aug 13, 2024
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker...
Low
Unreviewed
CVE-2023-20518
was published
Aug 13, 2024
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and...
Low
Unreviewed
CVE-2022-45862
was published
Aug 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Low
Unreviewed
CVE-2024-41907
was published
Aug 13, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-28166
was published
Aug 13, 2024
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload...
Low
Unreviewed
CVE-2024-41731
was published
Aug 13, 2024
A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue...
Low
Unreviewed
CVE-2024-43167
was published
Aug 12, 2024
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not...
Low
Unreviewed
CVE-2024-5445
was published
Aug 12, 2024
ProTip!
Advisories are also available from the
GraphQL API