GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
108,947 advisories
In faceid service, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2024-39429 was published Jul 1, 2024

In trusty service, there is a possible out of bounds write due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2024-39428 was published Jul 1, 2024

CHANGING Mobile One Time Password does not properly filter parameters for the file download...
Moderate | Unreviewed | CVE-2024-3122 was published Jul 1, 2024

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0....
Moderate | Unreviewed | CVE-2024-6419 was published Jul 1, 2024

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1...
Moderate | Unreviewed | CVE-2024-6418 was published Jul 1, 2024

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated...
Moderate | Unreviewed | CVE-2024-6417 was published Jul 1, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
Moderate | Unreviewed | CVE-2024-28794 was published Jul 1, 2024

A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this...
Moderate | Unreviewed | CVE-2024-6416 was published Jul 1, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
Moderate | Unreviewed | CVE-2023-50964 was published Jul 1, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
Moderate | Unreviewed | CVE-2024-28797 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2024-35119 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2023-50953 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This...
Moderate | Unreviewed | CVE-2023-50952 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify...
Moderate | Unreviewed | CVE-2024-31898 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that...
Moderate | Unreviewed | CVE-2023-50954 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do...
Moderate | Unreviewed | CVE-2023-35022 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could...
Moderate | Unreviewed | CVE-2024-31902 was published Jun 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
Moderate | Unreviewed | CVE-2024-28795 was published Jun 30, 2024

Reflected Cross-Site Scripting (XSS) in zenml
Moderate | CVE-2024-5062 was published for zenml (pip) Jun 30, 2024

A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by...
Moderate | Unreviewed | CVE-2024-6415 was published Jun 30, 2024

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate | Unreviewed | CVE-2024-6414 was published Jun 30, 2024

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color...
Moderate | Unreviewed | CVE-2023-4017 was published Jun 29, 2024

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-5819 was published Jun 29, 2024

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5790 was published Jun 29, 2024

The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5666 was published Jun 29, 2024
ProTip! Advisories are also available from the GraphQL API.