GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
113,455 advisories
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to...
Moderate | Unreviewed | CVE-2023-46951 was published Mar 1, 2024

A vulnerability classified as critical has been found in SourceCodester Petrol Pump Management...
Moderate | Unreviewed | CVE-2024-2060 was published Mar 1, 2024

Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization...
Moderate | Unreviewed | CVE-2024-24900 was published Mar 1, 2024

A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump...
Moderate | Unreviewed | CVE-2024-2062 was published Mar 1, 2024

A vulnerability classified as critical was found in SourceCodester Petrol Pump Management...
Moderate | Unreviewed | CVE-2024-2061 was published Mar 1, 2024

Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path...
Moderate | Unreviewed | CVE-2023-39254 was published Mar 1, 2024

Dell Platform BIOS contains an Improper Null Termination vulnerability. A high privilege user...
Moderate | Unreviewed | CVE-2023-48674 was published Mar 1, 2024

LBT T300- T390 v2.2.1.8 were discovered to contain a stack overflow via the vpn_client_ip...
Moderate | Unreviewed | CVE-2024-27567 was published Mar 1, 2024

A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2...
Moderate | Unreviewed | CVE-2024-2078 was published Mar 1, 2024

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been...
Moderate | Unreviewed | CVE-2024-2059 was published Mar 1, 2024

Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users
Moderate | CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024

The NextMove Lite – Thank You Page for WooCommerce and Finale Lite – Sales Countdown Timer &...
Moderate | Unreviewed | CVE-2024-1120 was published Mar 1, 2024

A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been...
Moderate | Unreviewed | CVE-2024-2058 was published Mar 1, 2024

A vulnerability was found in Harrison Chase LangChain 0.1.9. It has been classified as critical....
Moderate | Unreviewed | CVE-2024-2057 was published Mar 1, 2024

Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Optimizer, Resizer and CDN –...
Moderate | Unreviewed | CVE-2024-27949 was published Mar 1, 2024

Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This...
Moderate | Unreviewed | CVE-2024-27950 was published Mar 1, 2024

mongo-express Cross-site Request Forgery vulnerability
Moderate | CVE-2023-52555 was published for mongo-express (npm) Mar 1, 2024

Nteract Remote Code Execution vulnerability
Moderate | CVE-2024-22891 was published for nteract (npm) Mar 1, 2024

IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have...
Moderate | Unreviewed | CVE-2023-50305 was published Mar 1, 2024

IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This...
Moderate | Unreviewed | CVE-2023-28525 was published Mar 1, 2024

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than...
Moderate | Unreviewed | CVE-2023-50312 was published Mar 1, 2024

IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery...
Moderate | Unreviewed | CVE-2023-28949 was published Mar 1, 2024

IBM Cognos Command Center 10.2.4.1 and 10.2.5 exposes details the X-AspNet-Version Response...
Moderate | Unreviewed | CVE-2023-50324 was published Mar 1, 2024

IBM Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a remote...
Moderate | Unreviewed | CVE-2023-38366 was published Mar 1, 2024

IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user...
Moderate | Unreviewed | CVE-2023-47716 was published Mar 1, 2024

ProTip! Advisories are also available from the GraphQL API