GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
15 advisories
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT...
Moderate, Unreviewed, CVE-2024-1578 was published Sep 16, 2024

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a...
Moderate, Unreviewed, CVE-2024-3175 was published Jul 17, 2024

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and...
Critical, Unreviewed, CVE-2024-4879 was published Jul 10, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0...
High, Unreviewed, CVE-2023-47726 was published Jun 18, 2024

IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0...
Moderate, Unreviewed, CVE-2023-47727 was published May 2, 2024

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD)...
High, Unreviewed, CVE-2024-30395 was published Apr 12, 2024

In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP...
Moderate, Unreviewed, CVE-2024-31948 was published Apr 7, 2024

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the...
High, Unreviewed, CVE-2024-29946 was published Mar 27, 2024

Kubelet vulnerable to bypass of seccomp profile enforcement
Moderate, CVE-2023-2431 was published for k8s.io/kubernetes (Go) Jun 16, 2023

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),...
High, Unreviewed, CVE-2021-44694 was published Dec 13, 2022

A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All...
High, Unreviewed, CVE-2022-43723 was published Dec 13, 2022

phpCAS vulnerable to Service Hostname Discovery Exploitation
High, CVE-2022-39369 was published for apereo/phpcas (Composer) Nov 1, 2022

Insufficient validation when decoding a Socket.IO packet
Critical, CVE-2022-2421 was published for socket.io-parser (npm) Oct 26, 2022

Insufficient type validation in pocketmine/pocketmine-mp
High, GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) Apr 22, 2022

go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON
Moderate, CVE-2021-20329 was published for go.mongodb.org/mongo-driver (Go) Jun 15, 2021

ProTip! Advisories are also available from the GraphQL API.