Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker... Moderate Unreviewed
CVE-2024-6299 was published Jun 25, 2024
Moodle uses the same key for QR login and auto-login Moderate
CVE-2024-38277 was published for moodle/moodle (Composer) Jun 18, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31895 was published May 22, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31893 was published May 22, 2024
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-31894 was published May 22, 2024
An authentication bypass vulnerability exists in the get_IFTTTTtoken.cgi functionality of Asus RT... High Unreviewed
CVE-2022-35401 was published Jan 10, 2023
The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x... Moderate Unreviewed
CVE-2019-3790 was published May 24, 2022
Contao Does Not Expire Tokens Correctly Critical
CVE-2019-10643 was published for contao/contao (Composer) May 13, 2022
Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its... High Unreviewed
CVE-2021-33020 was published Apr 3, 2022
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server Moderate
CVE-2022-24732 was published for github.com/foxcpp/maddy (Go) Mar 7, 2022
ysf
ProTip! Advisories are also available from the GraphQL API