GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,796
Erlang
29
GitHub Actions
16
Go
1,713
Maven
4,948
npm
3,477
NuGet
605
pip
3,006
Pub
10
RubyGems
829
Rust
774
Swift
34
Unreviewed advisories
All unreviewed
5,000+
237,611 advisories
Filter by severity
Ollama does not validate the format of the digest (sha256 with 64 hex digits)
Moderate
CVE-2024-37032
was published
for
github.com/ollama/ollama
(Go)
May 31, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34797
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34801
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34769
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34770
was published
Jun 3, 2024
Information disclosure while handling T2LM Action Frame in WLAN Host.
Moderate
Unreviewed
CVE-2023-43537
was published
Jun 3, 2024
Information disclosure in Video while parsing mp2 clip with invalid section length.
High
Unreviewed
CVE-2023-43555
was published
Jun 3, 2024
Memory corruption when more scan frequency list or channels are sent from the user space.
Moderate
Unreviewed
CVE-2023-43545
was published
Jun 3, 2024
Memory corruption in Hypervisor when platform information mentioned is not aligned.
Critical
Unreviewed
CVE-2023-43556
was published
Jun 3, 2024
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the...
Critical
Unreviewed
CVE-2023-43551
was published
Jun 3, 2024
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
High
Unreviewed
CVE-2024-23363
was published
Jun 3, 2024
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6...
Moderate
Unreviewed
CVE-2024-23664
was published
Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue...
Moderate
Unreviewed
CVE-2024-35635
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34793
was published
Jun 3, 2024
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the...
Critical
Unreviewed
CVE-2024-3829
was published
Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23670
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34795
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35631
was published
Jun 3, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Contact...
Moderate
Unreviewed
CVE-2024-34754
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-34794
was published
Jun 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger...
Moderate
Unreviewed
CVE-2024-34798
was published
Jun 3, 2024
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25.
Moderate
Unreviewed
CVE-2024-34803
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34764
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34790
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34767
was published
Jun 3, 2024
ProTip!
Advisories are also available from the
GraphQL API