GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
113,770 advisories
The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products...
Moderate | Unreviewed | CVE-2023-4489 was published Dec 15, 2023

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure...
Moderate | Unreviewed | CVE-2024-22473 was published Feb 21, 2024

Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault...
Moderate | Unreviewed | CVE-2023-5138 was published Jan 4, 2024

Airbnb Knowledge Repo XSS In Comments
Moderate | CVE-2018-12104 was published for knowledge-repo (pip) May 14, 2022

Mautic vulnerable to XSS in contact/company tracking (no authentication)
Moderate | CVE-2024-47050 was published for mautic/core (Composer) Sep 18, 2024

Mautic has an XSS in contact tracking and page hits report
Moderate | CVE-2021-27917 was published for mautic/core (Composer) Sep 18, 2024

Kallithea cross-site scripting (XSS) vulnerability
Moderate | CVE-2015-1864 was published for Kallithea (pip) May 13, 2022

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper...
Moderate | Unreviewed | CVE-2023-47140 was published Jan 8, 2024

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-8680 was published Sep 21, 2024

A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of...
Moderate | Unreviewed | CVE-2024-8770 was published Sep 23, 2024

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution ...
Moderate | Unreviewed | CVE-2024-37779 was published Sep 23, 2024

A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected...
Moderate | Unreviewed | CVE-2024-9282 was published Sep 27, 2024

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue...
Moderate | Unreviewed | CVE-2024-9281 was published Sep 27, 2024

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2....
Moderate | Unreviewed | CVE-2024-9283 was published Sep 27, 2024

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2024-8758 was published Sep 23, 2024

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an...
Moderate | Unreviewed | CVE-2023-47152 was published Jan 22, 2024

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this...
Moderate | Unreviewed | CVE-2024-9277 was published Sep 27, 2024

A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3....
Moderate | Unreviewed | CVE-2024-9278 was published Sep 27, 2024

A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical....
Moderate | Unreviewed | CVE-2024-9275 was published Sep 27, 2024

A vulnerability classified as problematic has been found in TMsoft MyAuth Gateway 3. Affected is...
Moderate | Unreviewed | CVE-2024-9276 was published Sep 27, 2024

A vulnerability has been found in kalvinGit kvf-admin up to...
Moderate | Unreviewed | CVE-2024-9280 was published Sep 27, 2024

A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6....
Moderate | Unreviewed | CVE-2024-9279 was published Sep 27, 2024

Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful...
Moderate | Unreviewed | CVE-2024-47291 was published Sep 27, 2024

Access permission verification vulnerability in the App Multiplier module Impact: Successful...
Moderate | Unreviewed | CVE-2024-9136 was published Sep 27, 2024

Input validation vulnerability in the USB service module Impact: Successful exploitation of this...
Moderate | Unreviewed | CVE-2024-47290 was published Sep 27, 2024
ProTip! Advisories are also available from the GraphQL API.