GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,759 advisories
Filter by severity
A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as...
Low
Unreviewed
CVE-2024-9075
was published
Sep 22, 2024
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected...
Low
Unreviewed
CVE-2024-6129
was published
Jun 18, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37396
was published
Apr 19, 2024
A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an...
Low
Unreviewed
CVE-2023-28372
was published
Oct 3, 2023
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for...
Low
Unreviewed
CVE-2024-8612
was published
Sep 20, 2024
Insufficient control flow management in some Zoom clients may allow an authenticated user to...
Low
Unreviewed
CVE-2023-43588
was published
Nov 15, 2023
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Low
Unreviewed
CVE-2023-5937
was published
May 15, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an...
Low
Unreviewed
CVE-2024-6251
was published
Jun 22, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low
Unreviewed
CVE-2024-6252
was published
Jun 22, 2024
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized...
Low
Unreviewed
CVE-2023-34117
was published
Jul 11, 2023
The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not...
Low
Unreviewed
CVE-2024-36066
was published
Sep 12, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7...
Low
Unreviewed
CVE-2024-6685
was published
Sep 17, 2024
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory...
Low
Unreviewed
CVE-2024-42425
was published
Sep 10, 2024
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to...
Low
Unreviewed
CVE-2023-25546
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an...
Low
Unreviewed
CVE-2024-36261
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Low
Unreviewed
CVE-2024-28170
was published
Sep 16, 2024
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a...
Low
Unreviewed
CVE-2023-5081
was published
Jan 19, 2024
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background...
Low
Unreviewed
CVE-2023-5870
was published
Dec 10, 2023
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
Low
Unreviewed
CVE-2024-46970
was published
Sep 16, 2024
An improper certificate validation vulnerability has been reported to affect QuMagie. If...
Low
Unreviewed
CVE-2024-38642
was published
Sep 6, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the...
Low
Unreviewed
CVE-2024-8869
was published
Sep 16, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An...
Low
Unreviewed
CVE-2024-45617
was published
Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An...
Low
Unreviewed
CVE-2024-45616
was published
Sep 4, 2024
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An...
Low
Unreviewed
CVE-2024-45615
was published
Sep 4, 2024
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This...
Low
Unreviewed
CVE-2024-6082
was published
Jun 18, 2024
ProTip!
Advisories are also available from the
GraphQL API