GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
86,720 advisories
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
High | Unreviewed | CVE-2024-28798 was published Jun 30, 2024
The WordPress Plugin for Google Maps – WP MAPS plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-2386 was published Jun 29, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th...
High | Unreviewed | CVE-2024-25943 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the...
High | Unreviewed | CVE-2021-41689 was published Jun 29, 2022
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
High | Unreviewed | CVE-2022-43272 was published Dec 2, 2022
The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in...
High | Unreviewed | CVE-2024-5598 was published Jun 29, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5712 was published Jun 29, 2024
DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but...
High | Unreviewed | CVE-2021-41688 was published Jun 29, 2022
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage...
High | Unreviewed | CVE-2024-28130 was published Apr 23, 2024
DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all...
High | Unreviewed | CVE-2021-41690 was published Jun 29, 2022
DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for...
High | Unreviewed | CVE-2021-41687 was published Jun 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** The vulnerability exists in Syska SW100 Smartwatch due to an...
High | Unreviewed | CVE-2022-3007 was published Oct 31, 2023
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a...
High | Unreviewed | CVE-2015-2425 was published May 14, 2022
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers...
High | Unreviewed | CVE-2014-0546 was published May 17, 2022
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,...
High | Unreviewed | CVE-2015-1671 was published May 14, 2022
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows...
High | Unreviewed | CVE-2014-4077 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
High | Unreviewed | CVE-2010-0840 was published May 2, 2022
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion...
High | Unreviewed | CVE-2012-1710 was published May 17, 2022
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this...
High | Unreviewed | CVE-2024-6402 was published Jun 28, 2024
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12....
High | Unreviewed | CVE-2024-6403 was published Jun 28, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
High | Unreviewed | CVE-2024-31912 was published Jun 28, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could...
High | Unreviewed | CVE-2023-3454 was published Apr 4, 2024
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2,...
High | Unreviewed | CVE-2014-4148 was published May 14, 2022
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate...
High | Unreviewed | CVE-2013-0074 was published May 5, 2022
Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting...
High | Unreviewed | CVE-2023-36884 was published Jul 11, 2023
ProTip! Advisories are also available from the GraphQL API