Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

10,719 advisories

Loading
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023... Moderate Unreviewed
CVE-2023-41266 was published Aug 30, 2023
Input verification vulnerability in the log module. Impact: Successful exploitation of this... High Unreviewed
CVE-2024-27896 was published Apr 8, 2024
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API... Moderate Unreviewed
CVE-2024-52337 was published Nov 26, 2024
Improper input validation in ARM® Trusted Firmware used in AMD’s Zynq™ UltraScale+™) MPSoC/RFSoC... Moderate Unreviewed
CVE-2023-31339 was published Aug 13, 2024
The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will... Moderate Unreviewed
CVE-2024-39281 was published Nov 12, 2024
Improper Input Validation in Buildah and Podman Moderate
CVE-2024-9407 was published for github.com/containers/buildah (Go) Oct 1, 2024
Apache Syncope: Stored XSS in Console and Enduser Moderate
CVE-2024-45031 was published for org.apache.syncope.client:syncope-client-console (Maven) Oct 24, 2024
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an... High Unreviewed
CVE-2019-12687 was published May 24, 2022
A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an... High Unreviewed
CVE-2019-12688 was published May 24, 2022
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software,... Moderate Unreviewed
CVE-2019-1981 was published May 24, 2022
A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an... High Unreviewed
CVE-2020-3302 was published May 24, 2022
A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software,... Moderate Unreviewed
CVE-2019-1978 was published May 24, 2022
A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an... Moderate Unreviewed
CVE-2020-3307 was published May 24, 2022
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows... High Unreviewed
CVE-2016-6433 was published May 13, 2022
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW High Unreviewed
CVE-2017-15832 was published Nov 26, 2024
Improper Input Validation in Twisted Critical
CVE-2020-10108 was published for Twisted (pip) Mar 31, 2020
A vulnerability was found in welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5. It has been... Moderate Unreviewed
CVE-2024-11662 was published Nov 25, 2024
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion... Moderate Unreviewed
CVE-2024-9257 was published Nov 22, 2024
Input verification vulnerability in the account module.Successful exploitation of this... Moderate Unreviewed
CVE-2023-52368 was published Feb 18, 2024
Improper Input Validation vulnerability in Apache Hop Engine Moderate
CVE-2024-24683 was published for org.apache.hop:hop (Maven) Mar 19, 2024
Koji blacklisted paths workaround High
CVE-2017-1002153 was published for koji (pip) May 13, 2022
Improper Input Validation in mindsdb Moderate
CVE-2023-49796 was published for mindsdb (pip) Dec 12, 2023
sylwia-budzynska
OpenStack Nova Scheduler denial of service through scheduler_hints Low
CVE-2012-3371 was published for Nova (pip) May 17, 2022
OpenStack Compute (Nova) Improper Input Validation Moderate
CVE-2012-2654 was published for nova (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database