GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
305,647 advisories
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2024-27858 was published Sep 17, 2024

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS...
Moderate | Unreviewed | CVE-2024-40860 was published Sep 17, 2024

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15....
Moderate | Unreviewed | CVE-2024-27860 was published Sep 17, 2024

Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU...
Moderate | Unreviewed | CVE-2024-23184 was published Sep 10, 2024

An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell...
High | Unreviewed | CVE-2024-8504 was published Sep 10, 2024

The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free...
High | Unreviewed | CVE-2024-45063 was published Sep 5, 2024

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15....
Moderate | Unreviewed | CVE-2024-23237 was published Sep 17, 2024

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length...
Critical | Unreviewed | CVE-2024-45490 was published Aug 30, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High | Unreviewed | CVE-2024-27874 was published Sep 17, 2024

The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace,...
High | Unreviewed | CVE-2024-8178 was published Sep 5, 2024

The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were...
Critical | Unreviewed | CVE-2024-8384 was published Sep 3, 2024

Very large headers can cause resource exhaustion when parsing message. The message-parser...
High | Unreviewed | CVE-2024-23185 was published Sep 10, 2024

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an...
High | Unreviewed | CVE-2024-45492 was published Aug 30, 2024

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer...
High | Unreviewed | CVE-2024-45491 was published Aug 30, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an...
Moderate | Unreviewed | CVE-2024-35152 was published Aug 14, 2024

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1,...
Moderate | Unreviewed | CVE-2024-35136 was published Aug 14, 2024

Module savepoints could be abused to inject references to malicious code delivered through the...
Moderate | Unreviewed | CVE-2024-25582 was published Aug 19, 2024

An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does...
Critical | Unreviewed | CVE-2024-44070 was published Aug 19, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 could allow an...
Moderate | Unreviewed | CVE-2024-37529 was published Aug 14, 2024

NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an...
High | Unreviewed | CVE-2024-0107 was published Aug 8, 2024

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are...
High | Unreviewed | CVE-2024-33896 was published Aug 2, 2024

Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping. This issue...
High | Unreviewed | CVE-2024-7396 was published Aug 5, 2024

An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access...
Critical | Unreviewed | CVE-2024-7395 was published Aug 5, 2024

Improper filtering of special characters results in a command ('command injection') vulnerability...
Critical | Unreviewed | CVE-2024-7397 was published Aug 5, 2024

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique...
Moderate | Unreviewed | CVE-2024-33895 was published Aug 2, 2024
ProTip! Advisories are also available from the GraphQL API.