GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,028
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,157
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,770 advisories
Filter by severity
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the...
Low
Unreviewed
CVE-2024-3454
was published
Jul 24, 2024
In the Linux kernel, the following vulnerability has been resolved:
drm/vc4: hdmi: Unregister...
Low
Unreviewed
CVE-2022-48852
was published
Jul 16, 2024
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space...
Low
Unreviewed
CVE-2024-41829
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
Low
Unreviewed
CVE-2024-41826
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
Low
Unreviewed
CVE-2024-41828
was published
Jul 22, 2024
The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to...
Low
Unreviewed
CVE-2024-6694
was published
Jul 20, 2024
Withdrawn Advisory: Insufficient Granularity of Access Control in JSDom
Low
CVE-2021-20066
was published
for
jsdom
(npm)
May 24, 2022
•
withdrawn
In the Linux kernel, the following vulnerability has been resolved:
tcp: avoid too many...
Low
Unreviewed
CVE-2024-41007
was published
Jul 15, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11...
Low
Unreviewed
CVE-2024-6595
was published
Jul 17, 2024
A vulnerability has been identified in Node.js, affecting users of the experimental permission...
Low
Unreviewed
CVE-2024-22018
was published
Jul 10, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21131
was published
Jul 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21138
was published
Jul 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2024-21144
was published
Jul 17, 2024
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which...
Low
Unreviewed
CVE-2024-30130
was published
Jul 19, 2024
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0...
Low
Unreviewed
CVE-2024-38806
was published
Jul 18, 2024
Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition...
Low
Unreviewed
CVE-2024-38870
was published
Jul 17, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2...
Low
Unreviewed
CVE-2023-42010
was published
Jul 17, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported...
Low
Unreviewed
CVE-2024-21123
was published
Jul 17, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21174
was published
Jul 17, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2024-21164
was published
Jul 17, 2024
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The...
Low
Unreviewed
CVE-2024-21151
was published
Jul 17, 2024
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow...
Low
Unreviewed
CVE-2013-5223
was published
May 17, 2022
The `size` option isn't honored after following a redirect in node-fetch
Low
CVE-2020-15168
was published
for
node-fetch
(npm)
Sep 10, 2020
RISC Zero zkVM notes on zero-knowledge
Low
GHSA-5xgj-pmjj-gw49
was published
for
risc0-zkvm
(Rust)
Jul 15, 2024
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared...
Low
Unreviewed
CVE-2024-32945
was published
Jul 15, 2024
ProTip!
Advisories are also available from the
GraphQL API