GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,988
Erlang: 29
GitHub Actions: 16
Go: 1,778
Maven: 5,000+
npm: 3,542
NuGet: 619
pip: 3,127
Pub: 10
RubyGems: 838
Rust: 791
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
87,750 advisories
A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that...
High | Unreviewed | CVE-2021-33627 was published Feb 10, 2022
nscd: netgroup cache assumes NSS callback uses in-buffer strings
The Name Service Cache Daemon's...
High | Unreviewed | CVE-2024-33602 was published May 6, 2024
nscd: netgroup cache may terminate daemon on memory allocation failure
The Name Service Cache...
High | Unreviewed | CVE-2024-33601 was published May 6, 2024
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer...
High | Unreviewed | CVE-2024-2961 was published Apr 17, 2024
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists in Telit Cinterion...
High | Unreviewed | CVE-2023-47610 was published Nov 9, 2023
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or...
High | Unreviewed | CVE-2024-41827 was published Jul 22, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High | Unreviewed | CVE-2024-39601 was published Jul 22, 2024
A reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in...
High | Unreviewed | CVE-2024-32484 was published Jul 22, 2024
In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could...
High | Unreviewed | CVE-2024-36991 was published Jul 1, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37117 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37211 was published Jul 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-38708 was published Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP. This issue affects BerqWP:...
High | Unreviewed | CVE-2024-37942 was published Jul 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-38692 was published Jul 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-38755 was published Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX...
High | Unreviewed | CVE-2024-38728 was published Jul 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-38788 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37199 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37206 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37097 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-35656 was published Jul 22, 2024
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to...
High | Unreviewed | CVE-2024-27316 was published Apr 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37257 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37258 was published Jul 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-37262 was published Jul 22, 2024
ProTip! Advisories are also available from the GraphQL API.