Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,683 advisories

Loading
DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR... Unknown Unreviewed
CVE-2024-31802 was published Jun 27, 2024
VMware Cloud Director contains an Improper Privilege Management vulnerability. An... Moderate Unreviewed
CVE-2024-22272 was published Jun 27, 2024
BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can lead to remote... Critical Unreviewed
CVE-2024-6127 was published Jun 27, 2024
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks... Critical Unreviewed
CVE-2024-2973 was published Jun 27, 2024
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring... Unknown Unreviewed
CVE-2024-2882 was published Jun 27, 2024
Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire... Moderate Unreviewed
CVE-2024-3331 was published Jun 27, 2024
In a Silicon Labs  multi-protocol gateway, a corrupt pointer to buffered data on a multi... Moderate Unreviewed
CVE-2024-3017 was published Jun 27, 2024
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee... High Unreviewed
CVE-2024-3043 was published Jun 27, 2024
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS... Critical Unreviewed
CVE-2024-3330 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information... Moderate Unreviewed
CVE-2023-38368 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... High Unreviewed
CVE-2023-30998 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... High Unreviewed
CVE-2023-30997 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site... Moderate Unreviewed
CVE-2023-42014 was published Jun 27, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2024-35153 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Unknown Unreviewed
CVE-2024-39376 was published Jun 27, 2024
Relative Path Traversal in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5547 was published Jun 27, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive... High Unreviewed
CVE-2024-31916 was published Jun 27, 2024
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks... Moderate Unreviewed
CVE-2024-6388 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker bypassing authentication and gaining... Unknown Unreviewed
CVE-2024-39375 was published Jun 27, 2024
External Control of File Name or Path in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5334 was published Jun 27, 2024
Path Traversal in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5548 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected... Moderate Unreviewed
CVE-2023-38371 was published Jun 27, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly... Moderate Unreviewed
CVE-2023-42011 was published Jun 27, 2024
Microsoft Dataverse Remote Code Execution Vulnerability High Unreviewed
CVE-2024-35260 was published Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API