Vendor Security Advisories
Security advisories straight from the source — Microsoft, Red Hat, GitHub, and beyond. Searchable, indexed, and live the moment vendors publish.
🔔 Vendor advisory alerts
Catch vendor-disclosed advisories the day they ship
Vendors like Microsoft, Red Hat, and GitHub publish security advisories days to weeks before NVD assigns a CVE. Subscribe to get these the moment we ingest them.
- ✓Microsoft MSRC, Red Hat RHSA, GitHub GHSA — full vendor coverage
- ✓Embargo-window disclosures included (Pre-CVE advisories)
- ✓Real-time, daily, weekly, or monthly cadence
Browse by vendor
10 active · 15 trackedMost Recent Vendor Advisoriestop 12
The newest 12 advisories ingested from any tracked vendor — refreshed every two minutes.
Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing...
A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14...
showdown contains a cross-site scripting vulnerability in metadata title handling that allows...
Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that...
HashiCorp Terraform Enterprise contained an issue in its version control system (VCS) ingestion...
Memory Corruption when updating prepared commands with invalid port indices based on user space...
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed...
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which...
Memory Corruption when processing asynchronous input parameters due to improper handling of...
Memory Corruption when handling flash commands due to outdated LED count values being used after...
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during...