GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

221,313 advisories

Filter by severity

Sort by

Least recently updated

Rejected reason: CVE ID issued in error. This is not a valid vulnerability. Unknown Unreviewed

CVE-2024-5972 was published Jun 29, 2024

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count... Unknown Unreviewed

CVE-2024-37370 was published Jun 29, 2024

The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in... Moderate Unreviewed

CVE-2024-5942 was published Jun 29, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed

CVE-2024-25053 was published Jun 29, 2024

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout... Moderate Unreviewed

CVE-2024-25031 was published Jun 29, 2024

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web... Critical Unreviewed

CVE-2024-5827 was published Jun 29, 2024

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by... Low Unreviewed

CVE-2024-3995 was published Jun 29, 2024

Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed

CVE-2024-5712 was published Jun 29, 2024

DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but... High Unreviewed

CVE-2021-41688 was published Jun 29, 2022

An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed

CVE-2024-28130 was published Apr 23, 2024

DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all... High Unreviewed

CVE-2021-41690 was published Jun 29, 2022

CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext... Unknown Unreviewed

CVE-2024-5642 was published Jun 27, 2024

dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. Unknown Unreviewed

CVE-2024-34508 was published May 5, 2024

dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. Unknown Unreviewed

CVE-2024-34509 was published May 5, 2024

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported... Unknown Unreviewed

CVE-2024-5535 was published Jun 27, 2024

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed

CVE-2024-25041 was published Jun 29, 2024

OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while... Moderate Unreviewed

CVE-2022-2121 was published Jun 25, 2022

DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for... High Unreviewed

CVE-2021-41687 was published Jun 29, 2022

** UNSUPPORTED WHEN ASSIGNED ** The vulnerability exists in Syska SW100 Smartwatch due to an... High Unreviewed

CVE-2022-3007 was published Oct 31, 2023

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a... High Unreviewed

CVE-2015-2425 was published May 14, 2022

Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers... High Unreviewed

CVE-2014-0546 was published May 17, 2022

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted... Moderate Unreviewed

CVE-2014-4123 was published May 14, 2022

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,... High Unreviewed

CVE-2015-1671 was published May 14, 2022

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows... High Unreviewed

CVE-2014-4077 was published May 14, 2022

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS... Moderate Unreviewed

CVE-2015-4495 was published May 14, 2022

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

221,313 advisories