Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,622 advisories

Loading
Mattermost Desktop App allows for bypassing TCC restrictions on macOS Low
CVE-2024-36287 was published for mattermost-desktop (npm) Jun 14, 2024
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Low Unreviewed
CVE-2024-6056 was published Jun 17, 2024
SQL Injection in Harbor scan log API Low
CVE-2024-22261 was published for github.com/goharbor/harbor (Go) Jun 2, 2024
evmos allows transferring unvested tokens after delegations Low
CVE-2024-32873 was published for github.com/evmos/evmos/v10 (Go) Jun 6, 2024
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user... Low Unreviewed
CVE-2024-31870 was published Jun 15, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header.  This... Low Unreviewed
CVE-2024-30119 was published Jun 15, 2024
HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application. Low Unreviewed
CVE-2024-30120 was published Jun 15, 2024
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning Low
CVE-2024-34447 was published for org.bouncycastle:bcprov-jdk12 (Maven) May 3, 2024
samueloph
@strapi/plugin-content-manager leaks data via relations via the Admin Panel Low
CVE-2024-29181 was published for @strapi/plugin-content-manager (npm) Jun 12, 2024
felixdkatt derrickmehaffy
Bassel17 christiancp100
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed
CVE-2024-5469 was published Jun 14, 2024
The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is... Low Unreviewed
CVE-2024-3073 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-36226 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26127 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26126 was published Jun 13, 2024
HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims Low
CVE-2024-5798 was published for github.com/hashicorp/vault (Go) Jun 12, 2024
Keycloak Denial of Service via account lockout Low
GHSA-cq42-vhv7-xr7p was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
Keycloak's improper input validation allows using email as username Low
GHSA-4vc8-pg5c-vg4x was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
A stored cross site scripting vulnerability exists in Tenable Security Center where an... Low Unreviewed
CVE-2024-1891 was published Jun 12, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
A low severity vulnerability in BIPS has been identified where an attacker with high privileges... Low Unreviewed
CVE-2024-5812 was published Jun 11, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Low Unreviewed
CVE-2024-26246 was published Mar 15, 2024
Keycloak DoS via account lockout Low
CVE-2024-1722 was published for org.keycloak:keycloak-core (Maven) Feb 29, 2024
codespearhead
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting... Low Unreviewed
CVE-2024-21754 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API