GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,045
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,047 advisories
Filter by severity
A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin ...
Low
Unreviewed
CVE-2024-9101
was published
Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote...
Low
Unreviewed
CVE-2024-49820
was published
Dec 17, 2024
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An...
Low
Unreviewed
CVE-2024-42194
was published
Dec 17, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in...
Low
Unreviewed
CVE-2024-9654
was published
Dec 17, 2024
Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android...
Low
Unreviewed
CVE-2024-54125
was published
Dec 17, 2024
ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx...
Low
Unreviewed
CVE-2024-56082
was published
Dec 15, 2024
Missing Authorization vulnerability in Analytify Analytify allows Exploiting Incorrectly...
Low
Unreviewed
CVE-2023-41695
was published
Dec 13, 2024
Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly...
Low
Unreviewed
CVE-2022-45819
was published
Dec 13, 2024
This issue affects:
Secomea GateManager
Version 9.5 and all prior versions.
Protection Mechanism...
Low
Unreviewed
CVE-2021-32007
was published
Dec 13, 2024
The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file...
Low
Unreviewed
CVE-2024-12300
was published
Dec 13, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6...
Low
Unreviewed
CVE-2024-10043
was published
Dec 12, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
Low
Unreviewed
CVE-2024-54493
was published
Dec 12, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low
Unreviewed
CVE-2024-44200
was published
Dec 12, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low
Unreviewed
CVE-2024-44290
was published
Dec 12, 2024
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.3, iOS 18...
Low
Unreviewed
CVE-2024-54485
was published
Dec 12, 2024
IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an...
Low
Unreviewed
CVE-2023-23472
was published
Dec 11, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37395
was published
Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-52831
was published
Dec 11, 2024
Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation...
Low
Unreviewed
CVE-2024-43755
was published
Dec 11, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted...
Low
Unreviewed
CVE-2024-54050
was published
Dec 10, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted...
Low
Unreviewed
CVE-2024-54051
was published
Dec 10, 2024
In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions...
Low
Unreviewed
CVE-2024-53245
was published
Dec 10, 2024
Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information...
Low
Unreviewed
CVE-2024-47577
was published
Dec 10, 2024
SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL...
Low
Unreviewed
CVE-2024-47576
was published
Dec 10, 2024
An Improper Certificate Validation vulnerability exists in Tenable Security Center where an...
Low
Unreviewed
CVE-2024-12174
was published
Dec 10, 2024
ProTip!
Advisories are also available from the
GraphQL API