GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,284 advisories
Filter by severity
Some Huawei wearables have a vulnerability of not verifying the actual data size when reading...
High
Unreviewed
CVE-2021-22484
was published
Dec 28, 2024
Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62...
High
Unreviewed
CVE-2023-7012
was published
Jul 17, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful...
High
Unreviewed
CVE-2022-32144
was published
Dec 20, 2024
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and...
High
Unreviewed
CVE-2013-6282
was published
May 17, 2022
There is an improper input verification vulnerability in Huawei printer product. Successful...
High
Unreviewed
CVE-2022-32204
was published
Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-34159
was published
Dec 20, 2024
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows...
High
Unreviewed
CVE-2012-0151
was published
May 4, 2022
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2...
High
Unreviewed
CVE-2010-2568
was published
May 14, 2022
A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients...
High
Unreviewed
CVE-2020-3390
was published
May 24, 2022
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed...
High
Unreviewed
CVE-2024-3841
was published
Apr 17, 2024
A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst...
High
Unreviewed
CVE-2020-3359
was published
May 24, 2022
In onResume of AppManagementFragment.java, there is a possible way to prevent users from...
High
Unreviewed
CVE-2023-21121
was published
Jun 15, 2023
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist...
High
Unreviewed
CVE-2023-21135
was published
Jun 15, 2023
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
High
Unreviewed
CVE-2024-1714
was published
Feb 21, 2024
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due...
High
Unreviewed
CVE-2023-21138
was published
Jun 15, 2023
In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input...
High
Unreviewed
CVE-2024-0045
was published
Mar 11, 2024
Due to the flaws in the verification of input parameters, the attacker can input carefully...
High
Unreviewed
CVE-2020-12487
was published
Dec 17, 2024
Velocidex WinPmem versions below 4.1 suffer from an Improper Input Validation vulnerability...
High
Unreviewed
CVE-2024-10972
was published
Dec 16, 2024
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally...
High
Unreviewed
CVE-2024-47238
was published
Dec 12, 2024
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this...
High
Unreviewed
CVE-2024-54107
was published
Dec 12, 2024
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
High
Unreviewed
CVE-2024-49057
was published
Dec 12, 2024
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation...
High
Unreviewed
CVE-2024-52982
was published
Dec 10, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM...
High
Unreviewed
CVE-2024-52051
was published
Dec 10, 2024
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested...
High
Unreviewed
CVE-2023-28649
was published
May 22, 2023
Memory corruption while processing API calls to NPU with invalid input.
High
Unreviewed
CVE-2024-43052
was published
Dec 2, 2024
ProTip!
Advisories are also available from the
GraphQL API