GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

240,683 advisories

Filter by severity

Sort by

Least recently updated

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed

CVE-2024-28795 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This... Moderate Unreviewed

CVE-2024-28797 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could... Moderate Unreviewed

CVE-2024-31902 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-35119 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2023-50953 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed

CVE-2023-50952 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify... Moderate Unreviewed

CVE-2024-31898 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that... Moderate Unreviewed

CVE-2023-50954 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed

CVE-2024-28798 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do... Moderate Unreviewed

CVE-2023-35022 was published Jun 30, 2024

A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0... Moderate Unreviewed

CVE-2024-5062 was published Jun 30, 2024

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd)... Unknown Unreviewed

CVE-2024-33600 was published May 6, 2024

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache... Unknown Unreviewed

CVE-2024-33601 was published May 6, 2024

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd)... Unknown Unreviewed

CVE-2024-33599 was published May 6, 2024

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's... Unknown Unreviewed

CVE-2024-33602 was published May 6, 2024

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Unknown Unreviewed

CVE-2024-38441 was published Jun 16, 2024

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Unknown Unreviewed

CVE-2024-38439 was published Jun 16, 2024

Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of... Unknown Unreviewed

CVE-2024-38440 was published Jun 16, 2024

The Mojolicious module before 8.65 for Perl is vulnerable to secure_compare timing attacks that... Unknown Unreviewed

CVE-2020-36829 was published Apr 8, 2024

Path Traversal: '\..\filename' in GitHub repository stitionai/devika prior to -. Critical Unreviewed

CVE-2024-5926 was published Jun 30, 2024

A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by... Moderate Unreviewed

CVE-2024-6415 was published Jun 30, 2024

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x.... Moderate Unreviewed

CVE-2024-6414 was published Jun 30, 2024

R74n Sandboxels 1.9 through 1.9.5 allows XSS via a message in a modified saved-game file. Unknown Unreviewed

CVE-2024-39828 was published Jun 29, 2024

Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in... Unknown Unreviewed

CVE-2024-39848 was published Jun 30, 2024

NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it... Unknown Unreviewed

CVE-2024-39846 was published Jun 29, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

240,683 advisories