GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,965
Erlang: 29
GitHub Actions: 16
Go: 1,747
Maven: 4,975
npm: 3,507
NuGet: 609
pip: 3,072
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
10,610 advisories
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Low | CVE-2024-38364 was published for org.dspace:dspace-server-webapp (Maven) | Jun 25, 2024

HCL Connections contains a broken access control vulnerability that may allow unauthorized user...
Low | Unreviewed | CVE-2023-37541 was published | Jun 25, 2024

Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether...
Low | Unreviewed | CVE-2024-6300 was published | Jun 25, 2024

Dell Client Platform BIOS contains an Out-of-bounds Write vulnerability in an externally...
Low | Unreviewed | CVE-2024-32855 was published | Jun 25, 2024

udn News Android APP stores the unencrypted user session in the local database when user log into...
Low | Unreviewed | CVE-2024-6295 was published | Jun 25, 2024

udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low | Unreviewed | CVE-2024-6294 was published | Jun 25, 2024

A vulnerability classified as problematic was found in SourceCodester Service Provider Management...
Low | Unreviewed | CVE-2024-6267 was published | Jun 23, 2024

A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low | Unreviewed | CVE-2024-6252 was published | Jun 22, 2024

A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an...
Low | Unreviewed | CVE-2024-6251 was published | Jun 22, 2024

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS. This issue...
Low | Unreviewed | CVE-2022-44593 was published | Jun 21, 2024

Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Low | CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) | Jun 21, 2024

SpiceDB exclusions can result in no permission returned when permission expected
Low | CVE-2024-38361 was published for github.com/authzed/spicedb (Go) | Jun 20, 2024

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected...
Low | Unreviewed | CVE-2024-6129 was published | Jun 18, 2024

Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials
Low | GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) | Jun 18, 2024 | withdrawn

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible
Low | Unreviewed | CVE-2024-38507 was published | Jun 18, 2024

A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This...
Low | Unreviewed | CVE-2024-6082 was published | Jun 18, 2024

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as...
Low | Unreviewed | CVE-2024-6063 was published | Jun 17, 2024

A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager...
Low | Unreviewed | CVE-2024-6059 was published | Jun 17, 2024

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic....
Low | Unreviewed | CVE-2024-6062 was published | Jun 17, 2024

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as...
Low | Unreviewed | CVE-2024-6061 was published | Jun 17, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as...
Low | Unreviewed | CVE-2024-6056 was published | Jun 17, 2024

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user...
Low | Unreviewed | CVE-2024-31870 was published | Jun 15, 2024

HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low | Unreviewed | CVE-2024-30119 was published | Jun 15, 2024

HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application.
Low | Unreviewed | CVE-2024-30120 was published | Jun 15, 2024

Mattermost Desktop App allows for bypassing TCC restrictions on macOS
Low | CVE-2024-36287 was published for mattermost-desktop (npm) | Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.