Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,426 advisories

Loading
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a... Moderate Unreviewed
CVE-2024-22027 was published Jan 12, 2024
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability... Moderate Unreviewed
CVE-2023-45175 was published Jan 11, 2024
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability... Moderate Unreviewed
CVE-2023-45169 was published Jan 11, 2024
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability... Moderate Unreviewed
CVE-2023-45171 was published Jan 11, 2024
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability... Moderate Unreviewed
CVE-2023-45173 was published Jan 11, 2024
An improper input validation vulnerability has been discovered that could allow an adversary to... Moderate Unreviewed
CVE-2023-29446 was published Jan 10, 2024
There is a Cross-site scripting (XSS)  vulnerability in ZTE MF258. Due to insufficient input... Moderate Unreviewed
CVE-2023-41781 was published Jan 10, 2024
Windows Server Key Distribution Service Security Feature Bypass Moderate Unreviewed
CVE-2024-21316 was published Jan 9, 2024
BitLocker Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-20666 was published Jan 9, 2024
Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting... Moderate Unreviewed
CVE-2024-0226 was published Jan 9, 2024
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed... Moderate Unreviewed
CVE-2024-22165 was published Jan 9, 2024
Improper Input Validation vulnerability in İzmir Katip Çelebi University University Information... Moderate Unreviewed
CVE-2023-6190 was published Dec 27, 2023
Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high... Moderate Unreviewed
CVE-2023-39251 was published Dec 22, 2023
IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX... Moderate Unreviewed
CVE-2023-45165 was published Dec 22, 2023
A malicious user could potentially use the Sitefinity system for the distribution of phishing... Moderate Unreviewed
CVE-2023-6784 was published Dec 20, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate... Moderate Unreviewed
CVE-2023-47705 was published Dec 20, 2023
An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows... Moderate Unreviewed
CVE-2023-42012 was published Dec 20, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 may... Moderate Unreviewed
CVE-2023-47161 was published Dec 20, 2023
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability... Moderate Unreviewed
CVE-2023-45172 was published Dec 20, 2023
Vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500... Moderate Unreviewed
CVE-2023-6711 was published Dec 19, 2023
TAIWAN-CA(TWCA) JCICSecurityTool's Registry-related functions have insufficient filtering for... Moderate Unreviewed
CVE-2023-48387 was published Dec 15, 2023
There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not... Moderate Unreviewed
CVE-2023-25650 was published Dec 14, 2023
There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient... Moderate Unreviewed
CVE-2023-25651 was published Dec 14, 2023
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this... Moderate Unreviewed
CVE-2023-49248 was published Dec 6, 2023
Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and... Moderate Unreviewed
CVE-2023-41268 was published Dec 6, 2023
ProTip! Advisories are also available from the GraphQL API