GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,254 advisories
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability...
Moderate | Unreviewed | CVE-2024-28795 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
Moderate | Unreviewed | CVE-2024-28797 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could...
Moderate | Unreviewed | CVE-2024-31902 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2024-35119 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2023-50953 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This...
Moderate | Unreviewed | CVE-2023-50952 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify...
Moderate | Unreviewed | CVE-2024-31898 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that...
Moderate | Unreviewed | CVE-2023-50954 was published Jun 30, 2024
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0...
Moderate | Unreviewed | CVE-2024-5062 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do...
Moderate | Unreviewed | CVE-2023-35022 was published Jun 30, 2024
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by...
Moderate | Unreviewed | CVE-2024-6415 was published Jun 30, 2024
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate | Unreviewed | CVE-2024-6414 was published Jun 30, 2024
The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color...
Moderate | Unreviewed | CVE-2023-4017 was published Jun 29, 2024
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-5819 was published Jun 29, 2024
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5790 was published Jun 29, 2024
The Extensions for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5666 was published Jun 29, 2024
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2024-6363 was published Jun 29, 2024
The Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create...
Moderate | Unreviewed | CVE-2024-5192 was published Jun 29, 2024
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2024-6405 was published Jun 29, 2024
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-5889 was published Jun 29, 2024
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10...
Moderate | Unreviewed | CVE-2022-38383 was published Jun 29, 2024
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error...
Moderate | Unreviewed | CVE-2024-38322 was published Jun 29, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a...
Moderate | Unreviewed | CVE-2024-35156 was published Jun 29, 2024
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack...
Moderate | Unreviewed | CVE-2024-35116 was published Jun 29, 2024
The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
Moderate | Unreviewed | CVE-2024-5942 was published Jun 29, 2024
ProTip! Advisories are also available from the GraphQL API.