Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,610 advisories

Loading
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document Low
CVE-2024-38364 was published for org.dspace:dspace-server-webapp (Maven) Jun 25, 2024
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2023-37541 was published Jun 25, 2024
Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether... Low Unreviewed
CVE-2024-6300 was published Jun 25, 2024
Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally... Low Unreviewed
CVE-2024-32855 was published Jun 25, 2024
udn News Android APP stores the unencrypted user session in the local database when user log into... Low Unreviewed
CVE-2024-6295 was published Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A... Low Unreviewed
CVE-2024-6294 was published Jun 25, 2024
A vulnerability classified as problematic was found in SourceCodester Service Provider Management... Low Unreviewed
CVE-2024-6267 was published Jun 23, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic.... Low Unreviewed
CVE-2024-6252 was published Jun 22, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an... Low Unreviewed
CVE-2024-6251 was published Jun 22, 2024
Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue... Low Unreviewed
CVE-2022-44593 was published Jun 21, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
SpiceDB exclusions can result in no permission returned when permission expected Low
CVE-2024-38361 was published for github.com/authzed/spicedb (Go) Jun 20, 2024
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected... Low Unreviewed
CVE-2024-6129 was published Jun 18, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Low Unreviewed
CVE-2024-38507 was published Jun 18, 2024
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This... Low Unreviewed
CVE-2024-6082 was published Jun 18, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as... Low Unreviewed
CVE-2024-6063 was published Jun 17, 2024
A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager... Low Unreviewed
CVE-2024-6059 was published Jun 17, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic.... Low Unreviewed
CVE-2024-6062 was published Jun 17, 2024
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as... Low Unreviewed
CVE-2024-6061 was published Jun 17, 2024
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Low Unreviewed
CVE-2024-6056 was published Jun 17, 2024
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user... Low Unreviewed
CVE-2024-31870 was published Jun 15, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header.  This... Low Unreviewed
CVE-2024-30119 was published Jun 15, 2024
HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application. Low Unreviewed
CVE-2024-30120 was published Jun 15, 2024
Mattermost Desktop App allows for bypassing TCC restrictions on macOS Low
CVE-2024-36287 was published for mattermost-desktop (npm) Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API