GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,029
Erlang: 29
GitHub Actions: 16
Go: 1,832
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,158
Pub: 10
RubyGems: 847
Rust: 797
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
10,776 advisories
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low, Unreviewed. CVE-2024-27346 was published Apr 3, 2024
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low, Unreviewed. CVE-2024-27336 was published Apr 3, 2024
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low, Unreviewed. CVE-2024-27343 was published Apr 3, 2024
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This...
  Low, Unreviewed. CVE-2024-30329 was published Apr 3, 2024
Concrete CMS Stored XSS on the calendar color settings screen
  Low. CVE-2024-2753 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter
  Low. CVE-2024-3178 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing
  Low. CVE-2024-3179 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Search Field
  Low. CVE-2024-3181 was published for concrete5/concrete5 (Composer) Apr 3, 2024
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which...
  Low, Unreviewed. CVE-2002-2000 was published Apr 23, 2022
ruby193 uses an insecure LD_LIBRARY_PATH setting.
  Low, Unreviewed. CVE-2013-1945 was published May 5, 2022
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that...
  Low, Unreviewed. CVE-2018-2005 was published May 24, 2022
Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read...
  Low, Unreviewed. CVE-2019-5296 was published May 24, 2022
Diagnostics Agent in Solution Manager, version 7.2, stores several credentials such as SLD user...
  Low, Unreviewed. CVE-2019-0307 was published May 24, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange...
  Low, Unreviewed. CVE-2019-10155 was published May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the...
  Low, Unreviewed. CVE-2018-10947 was published May 24, 2022
Logic condition in specific microprocessors may allow an authenticated user to potentially enable...
  Low, Unreviewed. CVE-2019-0174 was published May 24, 2022
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial...
  Low, Unreviewed. CVE-2019-13232 was published May 24, 2022
GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish...
  Low, Unreviewed. CVE-2019-1010310 was published May 24, 2022
IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracrypt), all versions (Truecrypt...
  Low, Unreviewed. CVE-2019-1010208 was published May 24, 2022
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories...
  Low, Unreviewed. CVE-2018-20894 was published May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation...
  Low, Unreviewed. CVE-2018-20897 was published May 24, 2022
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
  Low, Unreviewed. CVE-2018-20896 was published May 24, 2022
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
  Low, Unreviewed. CVE-2018-20927 was published May 24, 2022
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by...
  Low, Unreviewed. CVE-2018-20939 was published May 24, 2022
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval...
  Low, Unreviewed. CVE-2018-20943 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.