GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,620 advisories
Filter by severity
An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820,...
Low
Unreviewed
CVE-2023-50804
was published
Jun 5, 2024
The issue was addressed by restricting options offered on a locked device. This issue is fixed in...
Low
Unreviewed
CVE-2024-27819
was published
Jun 10, 2024
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000...
Low
Unreviewed
CVE-2024-24861
was published
Feb 5, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11...
Low
Unreviewed
CVE-2024-4011
was published
Jun 27, 2024
Exposure of secrets through system log in Jenkins Structs Plugin
Low
CVE-2024-39458
was published
for
org.jenkins-ci.plugins:structs
(Maven)
Jun 26, 2024
October System module has a Reflected XSS via X-October-Request-Handler Header
Low
CVE-2024-25637
was published
for
october/system
(Composer)
Jun 26, 2024
Low severity (DoS) vulnerability in sequoia-openpgp
Low
GHSA-9344-p847-qm5c
was published
for
sequoia-openpgp
(Rust)
Jun 26, 2024
October System module has an Open Redirect for Administrator Accounts
Low
CVE-2024-24764
was published
for
october/system
(Composer)
Jun 26, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Low
CVE-2024-38364
was published
for
org.dspace:dspace-server-webapp
(Maven)
Jun 25, 2024
ntpd has Dependency on Vulnerable Third-Party Component
Low
GHSA-37xq-q42p-rv3p
was published
for
ntpd
(Rust)
Aug 24, 2023
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000...
Low
Unreviewed
CVE-2024-6344
was published
Jun 26, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2...
Low
Unreviewed
CVE-2024-28830
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an...
Low
Unreviewed
CVE-2024-37141
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Low
Unreviewed
CVE-2024-29177
was published
Jun 26, 2024
HCL Connections contains a broken access control vulnerability that may allow unauthorized user...
Low
Unreviewed
CVE-2023-37541
was published
Jun 25, 2024
Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether...
Low
Unreviewed
CVE-2024-6300
was published
Jun 25, 2024
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally...
Low
Unreviewed
CVE-2024-32855
was published
Jun 25, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into...
Low
Unreviewed
CVE-2024-6295
was published
Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low
Unreviewed
CVE-2024-6294
was published
Jun 25, 2024
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an...
Low
Unreviewed
CVE-2019-14861
was published
May 24, 2022
Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue...
Low
Unreviewed
CVE-2022-44593
was published
Jun 21, 2024
A vulnerability classified as problematic was found in SourceCodester Service Provider Management...
Low
Unreviewed
CVE-2024-6267
was published
Jun 23, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low
Unreviewed
CVE-2024-6252
was published
Jun 22, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an...
Low
Unreviewed
CVE-2024-6251
was published
Jun 22, 2024
ProTip!
Advisories are also available from the
GraphQL API