Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,993 advisories

Loading
When exporting media types, the password is exported in the YAML in plain text. This appears to... Low Unreviewed
CVE-2024-36464 was published Nov 27, 2024
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory... Low Unreviewed
CVE-2024-42333 was published Nov 27, 2024
The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft... Low Unreviewed
CVE-2024-42332 was published Nov 27, 2024
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from... Low Unreviewed
CVE-2024-42331 was published Nov 27, 2024
The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid... Low Unreviewed
CVE-2024-36468 was published Nov 27, 2024
The webdriver for the Browser object expects an error object to be initialized when the... Low Unreviewed
CVE-2024-42329 was published Nov 27, 2024
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is... Low Unreviewed
CVE-2024-42328 was published Nov 27, 2024
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi... Low Unreviewed
CVE-2024-8160 was published Nov 26, 2024
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-10710 was published Nov 25, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9251 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9256 was published Nov 23, 2024
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability... Low Unreviewed
CVE-2024-9252 was published Nov 23, 2024
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9253 was published Nov 23, 2024
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-9246 was published Nov 23, 2024
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability.... Low Unreviewed
CVE-2024-7511 was published Nov 23, 2024
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-7391 was published Nov 23, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9761 was published Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9763 was published Nov 22, 2024
Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9760 was published Nov 22, 2024
Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9762 was published Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9749 was published Nov 22, 2024
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9753 was published Nov 22, 2024
Tungsten Automation Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure... Low Unreviewed
CVE-2024-9758 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database