GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,995 advisories
Filter by severity
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may...
Moderate
Unreviewed
CVE-2023-45707
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35713
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35711
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35714
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35719
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35718
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35707
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35738
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35740
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35737
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35752
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35751
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35739
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: Use...
Unknown
Unreviewed
CVE-2024-36970
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web...
Moderate
Unreviewed
CVE-2024-35710
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
erofs: reliably distinguish...
Unknown
Unreviewed
CVE-2024-36966
was published
Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35750
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix...
Moderate
Unreviewed
CVE-2024-36969
was published
Jun 8, 2024
Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name...
Critical
Unreviewed
CVE-2024-37407
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Fix memory...
Moderate
Unreviewed
CVE-2024-36967
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
remoteproc: mediatek: Make...
Moderate
Unreviewed
CVE-2024-36965
was published
Jun 8, 2024
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix div-by...
Moderate
Unreviewed
CVE-2024-36968
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35709
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35733
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35732
was published
Jun 8, 2024
ProTip!
Advisories are also available from the
GraphQL API