GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100,254 advisories
Filter by severity
Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter...
Moderate
Unreviewed
CVE-2024-37098
was published
Jun 26, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-5215
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an...
Moderate
Unreviewed
CVE-2024-37139
was published
Jun 26, 2024
A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in...
Moderate
Unreviewed
CVE-2024-4106
was published
Jun 26, 2024
A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server...
Moderate
Unreviewed
CVE-2024-4105
was published
Jun 26, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-5332
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC...
Moderate
Unreviewed
CVE-2024-37138
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Moderate
Unreviewed
CVE-2024-29173
was published
Jun 26, 2024
Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL...
Moderate
Unreviewed
CVE-2024-29174
was published
Jun 26, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an...
Moderate
Unreviewed
CVE-2024-29175
was published
Jun 26, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-5173
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Moderate
Unreviewed
CVE-2024-28973
was published
Jun 26, 2024
A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d...
Moderate
Unreviewed
CVE-2024-29953
was published
Jun 26, 2024
HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage...
Moderate
Unreviewed
CVE-2024-30112
was published
Jun 26, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b...
Moderate
Unreviewed
CVE-2024-29954
was published
Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3,
an unauthenticated Arbitrary File Read issue...
Moderate
Unreviewed
CVE-2024-5019
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal...
Moderate
Unreviewed
CVE-2024-5018
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A...
Moderate
Unreviewed
CVE-2024-5017
was published
Jun 25, 2024
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low...
Moderate
Unreviewed
CVE-2024-0171
was published
Jun 25, 2024
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network...
Moderate
Unreviewed
CVE-2024-37087
was published
Jun 25, 2024
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient...
Moderate
Unreviewed
CVE-2024-37085
was published
Jun 25, 2024
VMware ESXi contains an out-of-bounds read vulnerability. A
malicious actor with local...
Moderate
Unreviewed
CVE-2024-37086
was published
Jun 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-31111
was published
Jun 25, 2024
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker...
Moderate
Unreviewed
CVE-2024-6299
was published
Jun 25, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to...
Moderate
Unreviewed
CVE-2024-6301
was published
Jun 25, 2024
ProTip!
Advisories are also available from the
GraphQL API