GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
240,844 advisories
CVE-2024-3123 (High, Unreviewed), published Jul 1, 2024: CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type...
CVE-2024-4934 (Unknown, Unreviewed), published Jul 1, 2024: The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 does not validate and escape some...
CVE-2024-38480 (Unknown, Unreviewed), published Jul 1, 2024: "Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an...
CVE-2024-20076 (Unknown, Unreviewed), published Jul 1, 2024: In Modem, there is a possible system crash due to incorrect error handling. This could lead to...
CVE-2024-20077 (Unknown, Unreviewed), published Jul 1, 2024: In Modem, there is a possible system crash due to incorrect error handling. This could lead to...
CVE-2024-6419 (Moderate, Unreviewed), published Jul 1, 2024: A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0....
CVE-2024-6418 (Moderate, Unreviewed), published Jul 1, 2024: A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1...
CVE-2024-6417 (Moderate, Unreviewed), published Jul 1, 2024: A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated...
CVE-2024-28794 (Moderate, Unreviewed), published Jul 1, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
CVE-2024-6416 (Moderate, Unreviewed), published Jul 1, 2024: A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this...
CVE-2023-50964 (Moderate, Unreviewed), published Jul 1, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
CVE-2024-28797 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
CVE-2024-35119 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
CVE-2023-50953 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
CVE-2023-50952 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This...
CVE-2024-31898 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify...
CVE-2023-50954 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that...
CVE-2024-28798 (High, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
CVE-2023-35022 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do...
CVE-2024-31902 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could...
CVE-2024-28795 (Moderate, Unreviewed), published Jun 30, 2024: IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
CVE-2024-5062 (Moderate), published for zenml (pip) Jun 30, 2024: Reflected Cross-Site Scripting (XSS) in zenml
CVE-2024-5926 (Critical, Unreviewed), published Jun 30, 2024: Path Traversal: '\..\filename' in GitHub repository stitionai/devika prior to -.
CVE-2024-6415 (Moderate, Unreviewed), published Jun 30, 2024: A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by...
CVE-2024-6414 (Moderate, Unreviewed), published Jun 30, 2024: A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
ProTip! Advisories are also available from the GraphQL API.