Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

208 advisories

Loading
An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15... Moderate Unreviewed
CVE-2024-5435 was published Sep 12, 2024
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It... Moderate Unreviewed
CVE-2024-8571 was published Sep 8, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2023-47728 was published Aug 16, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-39751 was published Aug 6, 2024
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server... Critical Unreviewed
CVE-2024-6980 was published Jul 31, 2024
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML... Low Unreviewed
CVE-2024-5250 was published Jul 30, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the... Low Unreviewed
CVE-2024-3454 was published Jul 24, 2024
IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-35640 was published Jul 17, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-39737 was published Jul 15, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-50953 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35119 was published Jun 30, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2024-35156 was published Jun 29, 2024
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-35155 was published Jun 28, 2024
An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application... Moderate Unreviewed
CVE-2024-31844 was published May 21, 2024
A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of... Critical Unreviewed
CVE-2024-28285 was published May 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote attacker to obtain... Low Unreviewed
CVE-2023-23474 was published May 3, 2024
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-28939 was published Apr 9, 2024
.NET Framework Information Disclosure Vulnerability High Unreviewed
CVE-2024-29059 was published Mar 23, 2024
IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-32756 was published Mar 22, 2024
A vulnerability was found in Nway Pro 9. It has been rated as problematic. Affected by this issue... Moderate Unreviewed
CVE-2024-2009 was published Feb 29, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product... Moderate Unreviewed
CVE-2024-21866 was published Feb 2, 2024
An email address enumeration vulnerability exists in the password reset function of SEO Panel... Moderate Unreviewed
CVE-2024-22646 was published Jan 30, 2024
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error... Moderate Unreviewed
CVE-2024-21619 was published Jan 26, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device... Moderate Unreviewed
CVE-2023-49107 was published Jan 16, 2024
Windows TCP/IP Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-21313 was published Jan 9, 2024
ProTip! Advisories are also available from the GraphQL API