GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
104,538 advisories
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-51504 was published Feb 5, 2024

An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID...
Moderate | Unreviewed | CVE-2021-46903 was published Feb 4, 2024

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile...
Moderate | Unreviewed | CVE-2023-52426 was published Feb 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in blockmason credit-protocol. It has...
Moderate | Unreviewed | CVE-2018-25098 was published Feb 4, 2024

A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate | Unreviewed | CVE-2023-6240 was published Feb 4, 2024

A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been...
Moderate | Unreviewed | CVE-2019-25159 was published Feb 4, 2024

IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting...
Moderate | Unreviewed | CVE-2023-50947 was published Feb 4, 2024

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00...
Moderate | Unreviewed | CVE-2023-33851 was published Feb 4, 2024

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-1215 was published Feb 3, 2024

curl inadvertently kept the SSL session ID for connections in its cache even when the verify...
Moderate | Unreviewed | CVE-2024-0853 was published Feb 3, 2024

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize...
Moderate | Unreviewed | CVE-2023-49950 was published Feb 3, 2024

The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in...
Moderate | Unreviewed | CVE-2024-0909 was published Feb 3, 2024

The PDF Flipbook, 3D Flipbook – DearFlip plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-0895 was published Feb 3, 2024

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Moderate | Unreviewed | CVE-2023-37528 was published Feb 3, 2024

HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing...
Moderate | Unreviewed | CVE-2024-23550 was published Feb 3, 2024

A vulnerability was found in Jspxcms 10.2.0 and classified as problematic. Affected by this issue...
Moderate | Unreviewed | CVE-2024-1200 was published Feb 3, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate | Unreviewed | CVE-2023-31006 was published Feb 3, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate | Unreviewed | CVE-2023-31005 was published Feb 3, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate | Unreviewed | CVE-2023-32329 was published Feb 3, 2024

A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1...
Moderate | Unreviewed | CVE-2024-1196 was published Feb 3, 2024

A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this...
Moderate | Unreviewed | CVE-2024-1195 was published Feb 3, 2024

A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as...
Moderate | Unreviewed | CVE-2024-1199 was published Feb 3, 2024

A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is...
Moderate | Unreviewed | CVE-2024-1198 was published Feb 3, 2024

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix...
Moderate | Unreviewed | CVE-2023-37527 was published Feb 2, 2024

A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this...
Moderate | Unreviewed | CVE-2024-1189 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API.