Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

361 advisories

Loading
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts... Low Unreviewed
CVE-2024-42175 was published Jan 11, 2025
Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer... Low Unreviewed
CVE-2024-12014 was published Dec 20, 2024
Ansible-Core vulnerable to content protections bypass Low
CVE-2024-11079 was published for ansible-core (pip) Nov 12, 2024
arvindshmicrosoft
Symfony has an incorrect response from Validator when input ends with `\n` Low
CVE-2024-50343 was published for symfony/symfony (Composer) Nov 6, 2024
offscriptian alexandre-daubois
sigstore has insufficient validation of integration timestamp during verification Low
CVE-2024-55655 was published for sigstore (pip) Dec 11, 2024
woodruffw haydentherapper
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-52831 was published Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-43755 was published Dec 11, 2024
Insufficient validation of filenames against control characters in Apache Subversion repositories... Low Unreviewed
CVE-2024-46901 was published Dec 9, 2024
sigstore-java has a vulnerability with bundle verification Low
CVE-2024-54140 was published for dev.sigstore:sigstore-java (Maven) Dec 5, 2024
loosebazooka
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon... Low Unreviewed
CVE-2024-22117 was published Nov 26, 2024
OpenStack Nova Scheduler denial of service through scheduler_hints Low
CVE-2012-3371 was published for Nova (pip) May 17, 2022
Incorrect parsing of nameless cookies leads to __Host- cookies bypass Low
CVE-2023-23934 was published for Werkzeug (pip) Feb 15, 2023
lavish
Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an... Low Unreviewed
CVE-2024-32485 was published Nov 13, 2024
Incomplete validation in `SparseReshape` Low
CVE-2021-29611 was published for tensorflow (pip) May 21, 2021
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... Low Unreviewed
CVE-2024-50560 was published Nov 12, 2024
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft... Low Unreviewed
CVE-2024-8518 was published Oct 8, 2024
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2024-43697 was published Oct 8, 2024
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior... Low Unreviewed
CVE-2023-3906 was published Sep 29, 2023
An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9... Low Unreviewed
CVE-2023-5963 was published Nov 6, 2023
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on... Low Unreviewed
CVE-2023-6950 was published Apr 2, 2024
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a... Low Unreviewed
CVE-2024-1221 was published Mar 14, 2024
IPython vulnerable to command injection via set_term_title Low
CVE-2023-24816 was published for ipython (pip) Feb 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database