Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,622 advisories

Loading
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints... Low Unreviewed
CVE-2023-50346 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application... Low Unreviewed
CVE-2023-50348 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker... Low Unreviewed
CVE-2023-50345 was published Jan 3, 2024
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup... Low Unreviewed
CVE-2024-0217 was published Jan 3, 2024
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit... Low Unreviewed
CVE-2023-6004 was published Jan 3, 2024
The DES/3DES cipher was used as part of the TLS protocol by installation tools Low
GHSA-7xg2-83f8-39mr was published for github.com/karmada-io/karmada (Go) Jan 3, 2024
zhzhuang-zju yanfeng1992
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in... Low Unreviewed
CVE-2024-20805 was published Jan 4, 2024
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows... Low Unreviewed
CVE-2024-20807 was published Jan 4, 2024
Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page Low
GHSA-4mvm-xh8j-fv27 was published for govuk_tech_docs (RubyGems) Jan 4, 2024 withdrawn
Duplicate Advisory: Race Condition leading to logging errors Low
GHSA-v444-jggx-6v7f was published for audited (RubyGems) Jan 4, 2024 withdrawn
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal Low
GHSA-qwf7-rv77-fcr3 was published for iodine (RubyGems) Jan 4, 2024 withdrawn
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45039 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45041 was published Jan 5, 2024
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for... Low Unreviewed
CVE-2023-34321 was published Jan 5, 2024
Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for... Low Unreviewed
CVE-2023-46837 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45044 was published Jan 5, 2024
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the... Low Unreviewed
CVE-2023-47219 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45043 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45042 was published Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several... Low Unreviewed
CVE-2023-45040 was published Jan 5, 2024
Flarum's logout Route allows open redirects Low
CVE-2024-21641 was published for flarum/core (Composer) Jan 5, 2024
imorland DavideIadeluca
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by... Low Unreviewed
CVE-2024-0262 was published Jan 7, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced... Low Unreviewed
CVE-2022-40696 was published Jan 9, 2024
SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a... Low Unreviewed
CVE-2024-21734 was published Jan 9, 2024
ProTip! Advisories are also available from the GraphQL API