GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,056 advisories

Filter by severity

Sort by

Least recently updated

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed

CVE-2023-37395 was published Dec 11, 2024

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation... Low Unreviewed

CVE-2024-43755 was published Dec 11, 2024

Adobe Experience Manager versions 6.5.21 and earlier are affected by an Improper Input Validation... Low Unreviewed

CVE-2024-52831 was published Dec 11, 2024

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted... Low Unreviewed

CVE-2024-54050 was published Dec 10, 2024

Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted... Low Unreviewed

CVE-2024-54051 was published Dec 10, 2024

In Splunk Enterprise versions below 9.3.0, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions... Low Unreviewed

CVE-2024-53245 was published Dec 10, 2024

Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information... Low Unreviewed

CVE-2024-47577 was published Dec 10, 2024

SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL... Low Unreviewed

CVE-2024-47576 was published Dec 10, 2024

An Improper Certificate Validation vulnerability exists in Tenable Security Center where an... Low Unreviewed

CVE-2024-12174 was published Dec 10, 2024

User credentials (login & password) are inserted into log files when a user tries to authenticate... Low Unreviewed

CVE-2024-12057 was published Dec 9, 2024

Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting... Low Unreviewed

CVE-2023-28168 was published Dec 9, 2024

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly... Low Unreviewed

CVE-2023-23825 was published Dec 9, 2024

Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord,... Low Unreviewed

CVE-2023-24375 was published Dec 9, 2024

Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting... Low Unreviewed

CVE-2023-23814 was published Dec 9, 2024

Insufficient validation of filenames against control characters in Apache Subversion repositories... Low Unreviewed

CVE-2024-46901 was published Dec 9, 2024

A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed

CVE-2024-50402 was published Dec 6, 2024

A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed

CVE-2024-50403 was published Dec 6, 2024

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect... Low Unreviewed

CVE-2024-48866 was published Dec 6, 2024

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a... Low Unreviewed

CVE-2024-42195 was published Dec 5, 2024

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13... Low Unreviewed

CVE-2024-54014 was published Dec 5, 2024

The Client secret is not checked when using the OAuth Password grant type. By exploiting this... Low Unreviewed

CVE-2024-12056 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project... Low Unreviewed

CVE-2024-54155 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed

CVE-2024-54153 was published Dec 4, 2024

In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of... Low Unreviewed

CVE-2024-54158 was published Dec 4, 2024

Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php... Low Unreviewed

CVE-2024-53502 was published Dec 4, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,056 advisories