Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

113,455 advisories

Loading
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to... Moderate Unreviewed
CVE-2023-46951 was published Mar 1, 2024
A vulnerability classified as critical has been found in SourceCodester Petrol Pump Management... Moderate Unreviewed
CVE-2024-2060 was published Mar 1, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization... Moderate Unreviewed
CVE-2024-24900 was published Mar 1, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump... Moderate Unreviewed
CVE-2024-2062 was published Mar 1, 2024
A vulnerability classified as critical was found in SourceCodester Petrol Pump Management... Moderate Unreviewed
CVE-2024-2061 was published Mar 1, 2024
Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path... Moderate Unreviewed
CVE-2023-39254 was published Mar 1, 2024
Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user... Moderate Unreviewed
CVE-2023-48674 was published Mar 1, 2024
LBT T300- T390 v2.2.1.8 were discovered to contain a stack overflow via the vpn_client_ip... Moderate Unreviewed
CVE-2024-27567 was published Mar 1, 2024
A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2... Moderate Unreviewed
CVE-2024-2078 was published Mar 1, 2024
A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been... Moderate Unreviewed
CVE-2024-2059 was published Mar 1, 2024
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate
CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024
oscerd sunSUNQ
The NextMove Lite – Thank You Page for WooCommerce and Finale Lite – Sales Countdown Timer &... Moderate Unreviewed
CVE-2024-1120 was published Mar 1, 2024
A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been... Moderate Unreviewed
CVE-2024-2058 was published Mar 1, 2024
A vulnerability was found in Harrison Chase LangChain 0.1.9. It has been classified as critical.... Moderate Unreviewed
CVE-2024-2057 was published Mar 1, 2024
Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Optimizer, Resizer and CDN –... Moderate Unreviewed
CVE-2024-27949 was published Mar 1, 2024
Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This... Moderate Unreviewed
CVE-2024-27950 was published Mar 1, 2024
mongo-express Cross-site Request Forgery vulnerability Moderate
CVE-2023-52555 was published for mongo-express (npm) Mar 1, 2024
Nteract Remote Code Execution vulnerability Moderate
CVE-2024-22891 was published for nteract (npm) Mar 1, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have... Moderate Unreviewed
CVE-2023-50305 was published Mar 1, 2024
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2023-28525 was published Mar 1, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery... Moderate Unreviewed
CVE-2023-28949 was published Mar 1, 2024
IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response... Moderate Unreviewed
CVE-2023-50324 was published Mar 1, 2024
IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote... Moderate Unreviewed
CVE-2023-38366 was published Mar 1, 2024
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user... Moderate Unreviewed
CVE-2023-47716 was published Mar 1, 2024
ProTip! Advisories are also available from the GraphQL API