Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,857 advisories

Loading
Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price... High Unreviewed
CVE-2024-21266 was published Oct 15, 2024
Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). ... High Unreviewed
CVE-2024-21279 was published Oct 15, 2024
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21268 was published Oct 15, 2024
Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21280 was published Oct 15, 2024
Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services... High Unreviewed
CVE-2024-21284 was published Oct 15, 2024
Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21269 was published Oct 15, 2024
Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field... High Unreviewed
CVE-2024-21271 was published Oct 15, 2024
Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site... High Unreviewed
CVE-2024-21265 was published Oct 15, 2024
Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost... High Unreviewed
CVE-2024-21267 was published Oct 15, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2024-21259 was published Oct 15, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21260 was published Oct 15, 2024
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). ... Moderate Unreviewed
CVE-2024-21262 was published Oct 15, 2024
Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2024-21249 was published Oct 15, 2024
OpenCanary Executes Commands From Potentially Writable Config File Moderate
CVE-2024-48911 was published for OpenCanary (pip) Oct 14, 2024
rootkiTED DavidBakerEffendi
AndreiDreyer
Credited to rootkiTED, DavidBakerEffendi, and AndreiDreyer
An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48792 was published Oct 14, 2024
An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive... Critical Unreviewed
CVE-2024-48772 was published Oct 11, 2024
An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote... Critical Unreviewed
CVE-2024-48778 was published Oct 11, 2024
An issue in Revic Optics Revic Ops (us.revic.revicops) 1.12.5 allows a remote attacker to obtain... Critical Unreviewed
CVE-2024-48787 was published Oct 11, 2024
An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker... Critical Unreviewed
CVE-2024-48786 was published Oct 11, 2024
An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker... Critical Unreviewed
CVE-2024-48784 was published Oct 11, 2024
An issue in BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain... Critical Unreviewed
CVE-2024-48769 was published Oct 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9... High Unreviewed
CVE-2024-8970 was published Oct 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9... Moderate Unreviewed
CVE-2024-9623 was published Oct 10, 2024
Magento Open Source Improper Authorization vulnerability Moderate
CVE-2024-45131 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Authorization vulnerability High
CVE-2024-45132 was published for magento/community-edition (Composer) Oct 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database