Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

9,921 advisories

Loading
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). ... Low Unreviewed
CVE-2024-21244 was published Oct 15, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Low Unreviewed
CVE-2024-21253 was published Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Low Unreviewed
CVE-2024-21232 was published Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication... Low Unreviewed
CVE-2024-21237 was published Oct 15, 2024
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ... Low Unreviewed
CVE-2024-21247 was published Oct 15, 2024
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.... Low Unreviewed
CVE-2024-49383 was published Oct 15, 2024
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.... Low Unreviewed
CVE-2024-49384 was published Oct 15, 2024
Sensitive information manipulation due to improper authorization. The following products are... Low Unreviewed
CVE-2024-49388 was published Oct 15, 2024
Excessive attack surface in archive-server service due to binding to an unrestricted IP address.... Low Unreviewed
CVE-2024-49382 was published Oct 15, 2024
A dynamic search for a prerequisite library could allow the possibility for an attacker to... Low Unreviewed
CVE-2024-30117 was published Oct 15, 2024
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk... Low Unreviewed
CVE-2024-38863 was published Oct 14, 2024
Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Low Unreviewed
CVE-2023-27307 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-27303 was published Oct 10, 2024
Deserialization of untrusted data in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Low Unreviewed
CVE-2023-26592 was published Oct 10, 2024
Unchecked return value in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88... Low Unreviewed
CVE-2023-26591 was published Oct 10, 2024
Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Low Unreviewed
CVE-2023-27300 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-26596 was published Oct 10, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2... Low Unreviewed
CVE-2024-9596 was published Oct 10, 2024
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user... Low Unreviewed
CVE-2024-30118 was published Oct 9, 2024
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection... Low Unreviewed
CVE-2024-39586 was published Oct 9, 2024
i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden... Low Unreviewed
CVE-2023-36325 was published Oct 9, 2024
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before... Low Unreviewed
CVE-2024-27457 was published Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings Low Unreviewed
CVE-2024-47951 was published Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings Low Unreviewed
CVE-2024-47950 was published Oct 8, 2024
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in... Low Unreviewed
CVE-2024-33506 was published Oct 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database