Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
974
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

30,740 advisories

Loading
An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary... Critical Unreviewed
CVE-2024-23740 was published Jan 28, 2024
An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute... Critical Unreviewed
CVE-2024-23739 was published Jan 28, 2024
An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute... Critical Unreviewed
CVE-2024-23738 was published Jan 28, 2024
An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary... Critical Unreviewed
CVE-2024-23741 was published Jan 28, 2024
An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute... Critical Unreviewed
CVE-2024-23742 was published Jan 28, 2024
An issue in Notion for macOS version 3.1.0 and before, allows remote attackers to execute... Critical Unreviewed
CVE-2024-23743 was published Jan 28, 2024
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute... Critical Unreviewed
CVE-2024-22862 was published Jan 27, 2024
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute... Critical Unreviewed
CVE-2024-22860 was published Jan 27, 2024
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer... Critical Unreviewed
CVE-2023-52389 was published Jan 27, 2024
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products... Critical Unreviewed
CVE-2024-20253 was published Jan 26, 2024
Deserialization of untrusted data in synthcity Critical
CVE-2024-0937 was published for synthcity (pip) Jan 26, 2024
m3t3kh4n Credited to m3t3kh4n
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script... Critical Unreviewed
CVE-2023-38323 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the... Critical Unreviewed
CVE-2023-38319 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name... Critical Unreviewed
CVE-2023-38317 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in... Critical Unreviewed
CVE-2023-38318 was published Jan 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16... Critical Unreviewed
CVE-2024-0402 was published Jan 26, 2024
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21326 was published Jan 26, 2024
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing... Critical Unreviewed
CVE-2024-23613 was published Jan 26, 2024
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A... Critical Unreviewed
CVE-2024-23615 was published Jan 26, 2024
A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An... Critical Unreviewed
CVE-2024-23624 was published Jan 26, 2024
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A... Critical Unreviewed
CVE-2024-23622 was published Jan 26, 2024
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before... Critical Unreviewed
CVE-2024-23616 was published Jan 26, 2024
An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. An... Critical Unreviewed
CVE-2024-23618 was published Jan 26, 2024
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed
CVE-2024-23619 was published Jan 26, 2024
A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before... Critical Unreviewed
CVE-2024-23617 was published Jan 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database