GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
31,885 advisories
Filter by severity
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel...
Critical
Unreviewed
CVE-2024-32735
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for...
Critical
Unreviewed
CVE-2024-32700
was published
May 14, 2024
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c ...
Critical
Unreviewed
CVE-2024-32622
was published
May 14, 2024
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.
Critical
Unreviewed
CVE-2024-32611
was published
May 14, 2024
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in...
Critical
Unreviewed
CVE-2024-32615
was published
May 14, 2024
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called...
Critical
Unreviewed
CVE-2024-32621
was published
May 14, 2024
An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON...
Critical
Unreviewed
CVE-2022-32504
was published
May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ...
Critical
Unreviewed
CVE-2024-31810
was published
May 14, 2024
Due to an unsafe de-serialization method used by the Veeam Service Provider Console(VSPC) server...
Critical
Unreviewed
CVE-2024-29212
was published
May 14, 2024
HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the...
Critical
Unreviewed
CVE-2024-29159
was published
May 14, 2024
This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ...
Critical
Unreviewed
CVE-2024-2257
was published
May 14, 2024
Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP...
Critical
Unreviewed
CVE-2024-31377
was published
May 14, 2024
An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker to escalate privileges...
Critical
Unreviewed
CVE-2024-30802
was published
May 14, 2024
HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the...
Critical
Unreviewed
CVE-2024-29164
was published
May 14, 2024
HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of...
Critical
Unreviewed
CVE-2024-29157
was published
May 14, 2024
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2024-28075
was published
May 14, 2024
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of...
Critical
Unreviewed
CVE-2024-28285
was published
May 14, 2024
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and...
Critical
Unreviewed
CVE-2024-27810
was published
May 14, 2024
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS...
Critical
Unreviewed
CVE-2024-27841
was published
May 14, 2024
SQL Injection vulnerability in School Task Manager v.1.0 allows a remote attacker to obtain...
Critical
Unreviewed
CVE-2024-26517
was published
May 14, 2024
NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the...
Critical
Unreviewed
CVE-2024-0087
was published
May 14, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to...
Critical
Unreviewed
CVE-2023-47709
was published
May 14, 2024
@valtimo/components exposes access token to form.io
Critical
CVE-2024-34706
was published
for
@valtimo/components
(npm)
May 13, 2024
llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata
Critical
CVE-2024-34359
was published
for
llama-cpp-python
(pip)
May 13, 2024
Blind XSS Leading to Froxlor Application Compromise
Critical
CVE-2024-34070
was published
for
froxlor/froxlor
(Composer)
May 10, 2024
ProTip!
Advisories are also available from the
GraphQL API