Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

86,720 advisories

Loading
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-2386 was published Jun 29, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th... High Unreviewed
CVE-2024-25943 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the... High Unreviewed
CVE-2021-41689 was published Jun 29, 2022
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. High Unreviewed
CVE-2022-43272 was published Dec 2, 2022
The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in... High Unreviewed
CVE-2024-5598 was published Jun 29, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5712 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but... High Unreviewed
CVE-2021-41688 was published Jun 29, 2022
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage... High Unreviewed
CVE-2024-28130 was published Apr 23, 2024
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all... High Unreviewed
CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for... High Unreviewed
CVE-2021-41687 was published Jun 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** The vulnerability exists in Syska SW100 Smartwatch due to an... High Unreviewed
CVE-2022-3007 was published Oct 31, 2023
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a... High Unreviewed
CVE-2015-2425 was published May 14, 2022
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers... High Unreviewed
CVE-2014-0546 was published May 17, 2022
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,... High Unreviewed
CVE-2015-1671 was published May 14, 2022
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows... High Unreviewed
CVE-2014-4077 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java... High Unreviewed
CVE-2010-0840 was published May 2, 2022
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion... High Unreviewed
CVE-2012-1710 was published May 17, 2022
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this... High Unreviewed
CVE-2024-6402 was published Jun 28, 2024
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12.... High Unreviewed
CVE-2024-6403 was published Jun 28, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under... High Unreviewed
CVE-2024-31912 was published Jun 28, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could... High Unreviewed
CVE-2023-3454 was published Apr 4, 2024
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2,... High Unreviewed
CVE-2014-4148 was published May 14, 2022
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate... High Unreviewed
CVE-2013-0074 was published May 5, 2022
Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting... High Unreviewed
CVE-2023-36884 was published Jul 11, 2023
ProTip! Advisories are also available from the GraphQL API