GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
100,088 advisories
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data...
High · Unreviewed · CVE-2024-21678 was published on Feb 20, 2024
Deserialization of Untrusted Data in Apache Camel SQL
High · CVE-2024-22369 was published for org.apache.camel:camel-sql (Maven) on Feb 20, 2024
Incorrect permissions in the installation directories for shared SystemLink Elixir based services...
High · Unreviewed · CVE-2024-1155 was published on Feb 20, 2024
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local...
High · Unreviewed · CVE-2024-1156 was published on Feb 20, 2024
Deserialization of Untrusted Data in Apache Camel CassandraQL
High · CVE-2024-23114 was published for org.apache.camel:camel-cassandraql (Maven) on Feb 20, 2024
When opening a website using the `firefox://` protocol handler, SameSite cookies were not...
High · Unreviewed · CVE-2024-1555 was published on Feb 20, 2024
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of...
High · Unreviewed · CVE-2024-1553 was published on Feb 20, 2024
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston...
High · Unreviewed · CVE-2023-38562 was published on Feb 20, 2024
Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics...
High · Unreviewed · CVE-2024-25199 was published on Feb 20, 2024
Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory...
High · Unreviewed · CVE-2024-1557 was published on Feb 20, 2024
netfilter: nft_set_rbtree: skip end interval element from gc
rbtree lazy gc on insert might...
High · Unreviewed · CVE-2024-26581 was published on Feb 20, 2024
When storing and re-accessing data on a networking channel, the length of buffers may have been...
High · Unreviewed · CVE-2024-1546 was published on Feb 20, 2024
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0...
High · Unreviewed · CVE-2023-42791 was published on Feb 20, 2024
A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data...
High · Unreviewed · CVE-2024-24794 was published on Feb 20, 2024
A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imaging Data...
High · Unreviewed · CVE-2024-24793 was published on Feb 20, 2024
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not...
High · Unreviewed · CVE-2023-7245 was published on Feb 20, 2024
Improper Certificate Validation in Apache DolphinScheduler
High · CVE-2023-49250 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) on Feb 20, 2024
The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay Portal 7.2.0 through 7.4.3...
High · Unreviewed · CVE-2024-25607 was published on Feb 20, 2024
Arbitrary File Read Vulnerability in Apache Dolphinscheduler
High · CVE-2023-51770 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) on Feb 20, 2024
XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and...
High · Unreviewed · CVE-2024-25606 was published on Feb 20, 2024
Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
High · CVE-2024-22234 was published for org.springframework.security:spring-security-core (Maven) on Feb 20, 2024
On Linux, Node.js ignores certain environment variables if those may have been set by an...
High · Unreviewed · CVE-2024-21892 was published on Feb 20, 2024
Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs...
High · Unreviewed · CVE-2024-21891 was published on Feb 20, 2024
A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP...
High · Unreviewed · CVE-2024-22019 was published on Feb 20, 2024
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP...
High · Unreviewed · CVE-2023-6764 was published on Feb 20, 2024
ProTip! Advisories are also available from the GraphQL API.