GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,327
Composer 3,958
Erlang 29
GitHub Actions 16
Go 1,745
Maven 4,971
npm 3,507
NuGet 609
pip 3,066
Pub 10
RubyGems 832
Rust 780
Swift 34

Unreviewed advisories

All unreviewed 220,825

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

10,601 advisories

Filter by severity

Sort by

Least recently updated

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue... Low Unreviewed

CVE-2022-44593 was published Jun 21, 2024

Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low

CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024

SpiceDB exclusions can result in no permission returned when permission expected Low

CVE-2024-38361 was published for github.com/authzed/spicedb (Go) Jun 20, 2024

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected... Low Unreviewed

CVE-2024-6129 was published Jun 18, 2024

Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low

GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 • withdrawn

In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Low Unreviewed

CVE-2024-38507 was published Jun 18, 2024

A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This... Low Unreviewed

CVE-2024-6082 was published Jun 18, 2024

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as... Low Unreviewed

CVE-2024-6063 was published Jun 17, 2024

A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager... Low Unreviewed

CVE-2024-6059 was published Jun 17, 2024

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic.... Low Unreviewed

CVE-2024-6062 was published Jun 17, 2024

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as... Low Unreviewed

CVE-2024-6061 was published Jun 17, 2024

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as... Low Unreviewed

CVE-2024-6056 was published Jun 17, 2024

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user... Low Unreviewed

CVE-2024-31870 was published Jun 15, 2024

HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This... Low Unreviewed

CVE-2024-30119 was published Jun 15, 2024

HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application. Low Unreviewed

CVE-2024-30120 was published Jun 15, 2024

Apache Airflow does not return the "Cache-Control" header for dynamic content Low

CVE-2024-25142 was published for apache-airflow (pip) Jun 14, 2024

Mattermost Desktop App allows for bypassing TCC restrictions on macOS Low

CVE-2024-36287 was published for mattermost-desktop (npm) Jun 14, 2024

DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior... Low Unreviewed

CVE-2024-5469 was published Jun 14, 2024

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is... Low Unreviewed

CVE-2024-3073 was published Jun 13, 2024

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed

CVE-2024-36226 was published Jun 13, 2024

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed

CVE-2024-26127 was published Jun 13, 2024

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed

CVE-2024-26126 was published Jun 13, 2024

HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims Low

CVE-2024-5798 was published for github.com/hashicorp/vault (Go) Jun 12, 2024

Keycloak Denial of Service via account lockout Low

GHSA-cq42-vhv7-xr7p was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024

Keycloak's improper input validation allows using email as username Low

GHSA-4vc8-pg5c-vg4x was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

10,601 advisories