GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,622 advisories
Filter by severity
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low
Unreviewed
CVE-2024-6252
was published
Jun 22, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an...
Low
Unreviewed
CVE-2024-6251
was published
Jun 22, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2023-21968
was published
Apr 18, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2023-21938
was published
Apr 18, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK...
Low
Unreviewed
CVE-2023-22049
was published
Jul 18, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2023-21937
was published
Apr 18, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2022-21443
was published
Apr 20, 2022
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2021-35603
was published
May 24, 2022
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2021-35588
was published
May 24, 2022
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Low
CVE-2024-5967
was published
for
org.keycloak:keycloak-ldap-federation
(Maven)
Jun 21, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials
Low
GHSA-gmrm-8fx4-66x7
was published
for
org.keycloak:keycloak-core
(Maven)
Jun 18, 2024
•
withdrawn
SpiceDB exclusions can result in no permission returned when permission expected
Low
CVE-2024-38361
was published
for
github.com/authzed/spicedb
(Go)
Jun 20, 2024
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected...
Low
Unreviewed
CVE-2024-6129
was published
Jun 18, 2024
Vyper's external calls can overflow return data to return input buffer
Low
CVE-2024-24560
was published
for
vyper
(pip)
Feb 2, 2024
Vyper's `_abi_decode` vulnerable to Memory Overflow
Low
CVE-2024-26149
was published
for
vyper
(pip)
Feb 26, 2024
In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible
Low
Unreviewed
CVE-2024-38507
was published
Jun 18, 2024
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This...
Low
Unreviewed
CVE-2024-6082
was published
Jun 18, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as...
Low
Unreviewed
CVE-2024-6063
was published
Jun 17, 2024
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as...
Low
Unreviewed
CVE-2024-6061
was published
Jun 17, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic....
Low
Unreviewed
CVE-2024-6062
was published
Jun 17, 2024
A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager...
Low
Unreviewed
CVE-2024-6059
was published
Jun 17, 2024
Apache Airflow does not return the "Cache-Control" header for dynamic content
Low
CVE-2024-25142
was published
for
apache-airflow
(pip)
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API