GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,254 advisories

Filter by severity

Sort by

Least recently updated

Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter... Moderate Unreviewed

CVE-2024-37098 was published Jun 26, 2024

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-5215 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... Moderate Unreviewed

CVE-2024-37139 was published Jun 26, 2024

A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in... Moderate Unreviewed

CVE-2024-4106 was published Jun 26, 2024

A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server... Moderate Unreviewed

CVE-2024-4105 was published Jun 26, 2024

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-5332 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC... Moderate Unreviewed

CVE-2024-37138 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Moderate Unreviewed

CVE-2024-29173 was published Jun 26, 2024

Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL... Moderate Unreviewed

CVE-2024-29174 was published Jun 26, 2024

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an... Moderate Unreviewed

CVE-2024-29175 was published Jun 26, 2024

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-5173 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Moderate Unreviewed

CVE-2024-28973 was published Jun 26, 2024

A vulnerability in the web interface in Brocade Fabric OS before v9.2.1, v9.2.0b, and v9.1.1d... Moderate Unreviewed

CVE-2024-29953 was published Jun 26, 2024

HCL Connections is vulnerable to a cross-site scripting attack where an attacker may leverage... Moderate Unreviewed

CVE-2024-30112 was published Jun 26, 2024

A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed

CVE-2024-29954 was published Jun 26, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue... Moderate Unreviewed

CVE-2024-5019 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal... Moderate Unreviewed

CVE-2024-5018 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A... Moderate Unreviewed

CVE-2024-5017 was published Jun 25, 2024

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low... Moderate Unreviewed

CVE-2024-0171 was published Jun 25, 2024

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed

CVE-2024-37087 was published Jun 25, 2024

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient... Moderate Unreviewed

CVE-2024-37085 was published Jun 25, 2024

VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local... Moderate Unreviewed

CVE-2024-37086 was published Jun 25, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2024-31111 was published Jun 25, 2024

Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker... Moderate Unreviewed

CVE-2024-6299 was published Jun 25, 2024

Lack of validation of origin in federation API in Conduit, allowing any remote server to... Moderate Unreviewed

CVE-2024-6301 was published Jun 25, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,254 advisories