GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
221,313 advisories
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion...
High
Unreviewed
CVE-2012-1710 was published May 17, 2022
IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended...
Low
Unreviewed
CVE-2013-3993 was published May 17, 2022
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform ...
Moderate
Unreviewed
CVE-2010-1428 was published May 2, 2022
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to...
Moderate
Unreviewed
CVE-2013-3896 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
High
Unreviewed
CVE-2010-0840 was published May 2, 2022
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted...
Moderate
Unreviewed
CVE-2014-2817 was published May 14, 2022
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
Moderate
Unreviewed
CVE-2024-35139 was published Jun 28, 2024
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this...
High
Unreviewed
CVE-2024-6402 was published Jun 28, 2024
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12....
High
Unreviewed
CVE-2024-6403 was published Jun 28, 2024
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to...
Moderate
Unreviewed
CVE-2024-31919 was published Jun 28, 2024
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2024-35155 was published Jun 28, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
High
Unreviewed
CVE-2024-31912 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly...
Moderate
Unreviewed
CVE-2024-35137 was published Jun 28, 2024
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent...
Moderate
Unreviewed
CVE-2023-5973 was published Apr 5, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could...
High
Unreviewed
CVE-2023-3454 was published Apr 4, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240 was published Feb 4, 2024
By default, SANnav OVA is shipped with root user login enabled. While protected by a password,...
Moderate
Unreviewed
CVE-2024-2859 was published Apr 27, 2024
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate...
High
Unreviewed
CVE-2013-0074 was published May 5, 2022
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2,...
High
Unreviewed
CVE-2014-4148 was published May 14, 2022
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka...
Moderate
Unreviewed
CVE-2010-0738 was published May 2, 2022
Directory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2...
Unknown
Unreviewed
CVE-2024-36059 was published Jun 28, 2024
PTC Creo Elements/Direct License Server exposes a web interface which can be used by...
Critical
Unreviewed
CVE-2024-6071 was published Jun 28, 2024
In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate...
Unknown
Unreviewed
CVE-2016-20022 was published Jun 28, 2024
The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on...
Unknown
Unreviewed
CVE-2024-4395 was published Jun 28, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon.
Moderate
Unreviewed
CVE-2022-4968 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API