GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
240,683 advisories
DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR...
Unknown
Unreviewed
CVE-2024-31802 was published Jun 27, 2024
VMware Cloud Director contains an Improper Privilege Management vulnerability. An...
Moderate
Unreviewed
CVE-2024-22272 was published Jun 27, 2024
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote...
Critical
Unreviewed
CVE-2024-6127 was published Jun 27, 2024
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks...
Critical
Unreviewed
CVE-2024-2973 was published Jun 27, 2024
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring...
Unknown
Unreviewed
CVE-2024-2882 was published Jun 27, 2024
Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire...
Moderate
Unreviewed
CVE-2024-3331 was published Jun 27, 2024
In a Silicon Labs multi-protocol gateway, a corrupt pointer to buffered data on a multi...
Moderate
Unreviewed
CVE-2024-3017 was published Jun 27, 2024
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee...
High
Unreviewed
CVE-2024-3043 was published Jun 27, 2024
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS...
Critical
Unreviewed
CVE-2024-3330 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information...
Moderate
Unreviewed
CVE-2023-38368 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High
Unreviewed
CVE-2023-30998 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High
Unreviewed
CVE-2023-30997 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High
Unreviewed
CVE-2023-38370 was published Jun 27, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site...
Moderate
Unreviewed
CVE-2023-42014 was published Jun 27, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This...
Moderate
Unreviewed
CVE-2024-35153 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive...
Unknown
Unreviewed
CVE-2024-39376 was published Jun 27, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5547 was published Jun 27, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High
Unreviewed
CVE-2024-31916 was published Jun 27, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks...
Moderate
Unreviewed
CVE-2024-6388 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining...
Unknown
Unreviewed
CVE-2024-39375 was published Jun 27, 2024
External Control of File Name or Path in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5334 was published Jun 27, 2024
Path Traversal in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5548 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected...
Moderate
Unreviewed
CVE-2023-38371 was published Jun 27, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate
Unreviewed
CVE-2023-42011 was published Jun 27, 2024
Microsoft Dataverse Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-35260 was published Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API