Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95,687 advisories

Loading
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller... High Unreviewed
CVE-2024-57452 was published Feb 3, 2025
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly... High Unreviewed
CVE-2024-12511 was published Feb 3, 2025
The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all... High Unreviewed
CVE-2024-12859 was published Feb 3, 2025
Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. High Unreviewed
CVE-2024-49843 was published Feb 3, 2025
Memory corruption may occour occur when stopping the WLAN interface after processing a WMI... High Unreviewed
CVE-2024-45571 was published Feb 3, 2025
Memory corruption while validating number of devices in Camera kernel . High Unreviewed
CVE-2024-45582 was published Feb 3, 2025
Memory corruption can occur in the camera when an invalid CID is used. High Unreviewed
CVE-2024-49833 was published Feb 3, 2025
Memory corruption while reading CPU state data during guest VM suspend. High Unreviewed
CVE-2024-49837 was published Feb 3, 2025
Memory corruption while power-up or power-down sequence of the camera sensor. High Unreviewed
CVE-2024-49834 was published Feb 3, 2025
Memory corruption in Camera due to unusually high number of nodes passed to AXI port. High Unreviewed
CVE-2024-49832 was published Feb 3, 2025
Memory corruption while handling IOCTL call from user-space to set latency level. High Unreviewed
CVE-2024-45561 was published Feb 3, 2025
Memory corruption while parsing the memory map info in IOCTL calls. High Unreviewed
CVE-2024-38418 was published Feb 3, 2025
Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. High Unreviewed
CVE-2024-45560 was published Feb 3, 2025
Memory corruption while configuring a Hypervisor based input virtual device. High Unreviewed
CVE-2024-38420 was published Feb 3, 2025
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from... High Unreviewed
CVE-2024-45584 was published Feb 3, 2025
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or... High Unreviewed
CVE-2024-49840 was published Feb 3, 2025
Memory corruption may occour while generating test pattern due to negative indexing of display ID. High Unreviewed
CVE-2024-45573 was published Feb 3, 2025
Information disclosure while parsing the OCI IE with invalid length. High Unreviewed
CVE-2024-49838 was published Feb 3, 2025
Memory corruption during management frame processing due to mismatch in T2LM info element. High Unreviewed
CVE-2024-49839 was published Feb 3, 2025
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in... High Unreviewed
CVE-2024-38404 was published Feb 3, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-24569 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24557 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24559 was published Feb 3, 2025
Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle allows... High Unreviewed
CVE-2025-24556 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24684 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database