GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,622 advisories
Filter by severity
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints...
Low
Unreviewed
CVE-2023-50346
was published
Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application...
Low
Unreviewed
CVE-2023-50348
was published
Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker...
Low
Unreviewed
CVE-2023-50345
was published
Jan 3, 2024
A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup...
Low
Unreviewed
CVE-2024-0217
was published
Jan 3, 2024
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit...
Low
Unreviewed
CVE-2023-6004
was published
Jan 3, 2024
The DES/3DES cipher was used as part of the TLS protocol by installation tools
Low
GHSA-7xg2-83f8-39mr
was published
for
github.com/karmada-io/karmada
(Go)
Jan 3, 2024
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in...
Low
Unreviewed
CVE-2024-20805
was published
Jan 4, 2024
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows...
Low
Unreviewed
CVE-2024-20807
was published
Jan 4, 2024
Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page
Low
GHSA-4mvm-xh8j-fv27
was published
for
govuk_tech_docs
(RubyGems)
Jan 4, 2024
•
withdrawn
Duplicate Advisory: Race Condition leading to logging errors
Low
GHSA-v444-jggx-6v7f
was published
for
audited
(RubyGems)
Jan 4, 2024
•
withdrawn
Duplicate Advisory: Malicious URL drafting attack against iodines static file server may allow path traversal
Low
GHSA-qwf7-rv77-fcr3
was published
for
iodine
(RubyGems)
Jan 4, 2024
•
withdrawn
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL...
Low
Unreviewed
CVE-2023-41782
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45039
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45041
was published
Jan 5, 2024
Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for...
Low
Unreviewed
CVE-2023-34321
was published
Jan 5, 2024
Arm provides multiple helpers to clean & invalidate the cache
for a given region. This is, for...
Low
Unreviewed
CVE-2023-46837
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45044
was published
Jan 5, 2024
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the...
Low
Unreviewed
CVE-2023-47219
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45043
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45042
was published
Jan 5, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several...
Low
Unreviewed
CVE-2023-45040
was published
Jan 5, 2024
Flarum's logout Route allows open redirects
Low
CVE-2024-21641
was published
for
flarum/core
(Composer)
Jan 5, 2024
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by...
Low
Unreviewed
CVE-2024-0262
was published
Jan 7, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Engine Advanced...
Low
Unreviewed
CVE-2022-40696
was published
Jan 9, 2024
SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a...
Low
Unreviewed
CVE-2024-21734
was published
Jan 9, 2024
ProTip!
Advisories are also available from the
GraphQL API