GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
Security vulnerability in the HiView module
Impact: Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2024-54097
was published
Dec 12, 2024
Information Disclosure vulnerabilities allow access to application configuration information. ...
High
Unreviewed
CVE-2024-51543
was published
Dec 5, 2024
Service Control vulnerabilities allow access to service restart requests and vm configuration...
High
Unreviewed
CVE-2024-51544
was published
Dec 5, 2024
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the...
High
Unreviewed
CVE-2024-50358
was published
Nov 26, 2024
Flowise OverrideConfig security vulnerability
High
GHSA-5cph-wvm9-45gj
was published
for
flowise
(npm)
Nov 21, 2024
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database...
High
Unreviewed
CVE-2024-10979
was published
Nov 14, 2024
github.com/gitpod-io/gitpod vulnerable to Cookie Tossing
Moderate
CVE-2024-21583
was published
for
github.com/gitpod-io/gitpod
(Go)
Jul 19, 2024
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute...
Critical
Unreviewed
CVE-2024-4326
was published
May 16, 2024
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender...
High
Unreviewed
CVE-2023-6154
was published
Apr 1, 2024
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process...
High
Unreviewed
CVE-2024-1488
was published
Feb 15, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack
Moderate
CVE-2024-23639
was published
for
io.micronaut:micronaut-http-server
(Maven)
Feb 9, 2024
Unauthorized startup vulnerability of background apps. Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-46764
was published
Nov 8, 2023
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed,...
Moderate
Unreviewed
CVE-2023-43323
was published
Sep 28, 2023
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior...
High
Unreviewed
CVE-2023-4704
was published
Sep 1, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3321
was published
Jul 24, 2023
Versions 00.07.00 through 00.07.03.4 of Teltonika’s RUT router firmware contain a packet dump...
High
Unreviewed
CVE-2023-32349
was published
Jul 6, 2023
in-toto vulnerable to Configuration Read From Local Directory
Moderate
CVE-2023-32076
was published
for
in-toto
(pip)
May 11, 2023
Some API functions allow interaction with the registry, which includes reading values as well as...
Critical
Unreviewed
CVE-2021-38453
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API