Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,434
Erlang
29
GitHub Actions
16
Go
1,660
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

49 advisories

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can... High Unreviewed
CVE-2024-4140 was published May 2, 2024
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when... Unknown Unreviewed
CVE-2024-27080 was published May 1, 2024
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix use-after... Unknown Unreviewed
CVE-2024-26944 was published May 1, 2024
The server in Circontrol Raption through 5.11.2 has a pre-authentication stack-based buffer... Unknown Unreviewed
CVE-2020-8006 was published Apr 12, 2024
Apache Zeppelin remote code execution by adding malicious JDBC connection string Critical
CVE-2024-31864 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) Apr 9, 2024
oscerd
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after... Unknown Unreviewed
CVE-2024-26656 was published Apr 2, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/sched: fix null-ptr... Unknown Unreviewed
CVE-2024-26657 was published Apr 2, 2024
This vulnerability allows access to arbitrary files in the application server file system due to... Critical Unreviewed
CVE-2024-2227 was published Mar 22, 2024
A vulnerability, which was classified as problematic, was found in Campcodes Online Job Finder... Moderate Unreviewed
CVE-2024-2685 was published Mar 20, 2024
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow Moderate
CVE-2024-21662 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 pasha-codefresh
crenshaw-dev todaywasawesome jannfis
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss Moderate
CVE-2024-21652 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 pasha-codefresh
jannfis crenshaw-dev todaywasawesome
In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for... Unknown Unreviewed
CVE-2024-26635 was published Mar 18, 2024
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-2020 was published Mar 13, 2024
An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to... Unknown Unreviewed
CVE-2024-24278 was published Mar 6, 2024
Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0... Unknown Unreviewed
CVE-2024-24275 was published Mar 6, 2024
Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4... Unknown Unreviewed
CVE-2024-24276 was published Mar 6, 2024
Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed
CVE-2023-4539 was published Feb 15, 2024
The database access credentials configured during installation are stored in a special table, and... Moderate Unreviewed
CVE-2023-4538 was published Feb 15, 2024
Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what... High Unreviewed
CVE-2023-4537 was published Feb 15, 2024
BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure... Moderate Unreviewed
CVE-2024-21782 was published Feb 14, 2024
TYPO3 Install Tool vulnerable to Code Execution High
CVE-2024-22188 was published for typo3/cms-core (Composer) Feb 13, 2024
bnf
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In... High Unreviewed
CVE-2020-36771 was published Jan 22, 2024
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A vulnerability, which was classified as critical, has been found in ForU CMS up to 2020-06-23.... Moderate Unreviewed
CVE-2024-0729 was published Jan 19, 2024
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by... Moderate Unreviewed
CVE-2024-0728 was published Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API