GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
36 advisories
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
High
CVE-2025-24359 was published for asteval (pip) Jan 24, 2025
ASTEVAL Allows Malicious Tampering of Exposed AST Nodes Leads to Sandbox Escape
High
GHSA-vp47-9734-prjw was published for asteval (pip) Jan 23, 2025
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55924 was published for typo3/cms-scheduler (Composer) Jan 14, 2025
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55921 was published for typo3/cms-extensionmanager (Composer) Jan 14, 2025
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability...
High
Unreviewed
CVE-2023-39470 was published Nov 22, 2024
Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by...
High
Unreviewed
CVE-2024-47005 was published Oct 25, 2024
Local Privilege Escalation in MSI-Installer in baramundi Management Agent v23.1.172.0 on Windows...
High
Unreviewed
CVE-2024-6689 was published Jul 15, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-35209 was published Jun 11, 2024
parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an...
High
Unreviewed
CVE-2024-1873 was published Jun 6, 2024
Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation...
High
Unreviewed
CVE-2023-51577 was published May 3, 2024
Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution...
High
Unreviewed
CVE-2023-51584 was published May 3, 2024
Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Denial-of-Service Vulnerability...
High
Unreviewed
CVE-2023-51578 was published May 3, 2024
Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure...
High
Unreviewed
CVE-2023-42032 was published May 3, 2024
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2023-39493 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function...
High
Unreviewed
CVE-2023-39468 was published May 3, 2024
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function...
High
Unreviewed
CVE-2023-38124 was published May 3, 2024
NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function...
High
Unreviewed
CVE-2023-38101 was published May 3, 2024
NETGEAR ProSAFE Network Management System BkreProcessThread Exposed Dangerous Function Remote...
High
Unreviewed
CVE-2023-38097 was published May 3, 2024
Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-37330 was published May 3, 2024
Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-27363 was published May 3, 2024
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2023-27364 was published May 3, 2024
Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2023-27365 was published May 3, 2024
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU...
High
Unreviewed
CVE-2023-49074 was published Apr 9, 2024
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to...
High
Unreviewed
CVE-2023-3655 was published Oct 3, 2023
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This...
High
Unreviewed
CVE-2023-23845 was published Sep 14, 2023