GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,958
Erlang: 29
GitHub Actions: 16
Go: 1,745
Maven: 4,971
npm: 3,507
NuGet: 609
pip: 3,066
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
100,106 advisories
A vulnerability was found in Pear Admin Boot up to 2.0.2 and classified as critical. This issue...
Moderate
Unreviewed
CVE-2024-6241 was published Jun 21, 2024
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was...
Moderate
Unreviewed
CVE-2024-21515 was published Jun 22, 2024
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was...
Moderate
Unreviewed
CVE-2024-21517 was published Jun 22, 2024
An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The...
Moderate
Unreviewed
CVE-2024-4940 was published Jun 22, 2024
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’...
Moderate
Unreviewed
CVE-2024-5966 was published Jun 22, 2024
The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’...
Moderate
Unreviewed
CVE-2024-5965 was published Jun 22, 2024
The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
Moderate
Unreviewed
CVE-2024-5596 was published Jun 22, 2024
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was...
Moderate
Unreviewed
CVE-2024-21516 was published Jun 22, 2024
The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all...
Moderate
Unreviewed
CVE-2024-4874 was published Jun 22, 2024
This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation...
Moderate
Unreviewed
CVE-2024-21519 was published Jun 22, 2024
The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX...
Moderate
Unreviewed
CVE-2024-5346 was published Jun 22, 2024
The Table Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-4313 was published Jun 22, 2024
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-2484 was published Jun 22, 2024
The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and...
Moderate
Unreviewed
CVE-2024-6120 was published Jun 22, 2024
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may...
Moderate
Unreviewed
CVE-2023-47855 was published May 16, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2023-21939 was published Apr 18, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system...
Moderate
Unreviewed
CVE-2023-35009 was published Aug 17, 2023
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to server-side request forgery ...
Moderate
Unreviewed
CVE-2023-35011 was published Aug 17, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary:...
Moderate
Unreviewed
CVE-2023-3817 was published Jul 31, 2023
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms...
Moderate
Unreviewed
CVE-2021-4160 was published Feb 8, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2022-21496 was published Apr 20, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2022-21434 was published Apr 20, 2022
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2023-21954 was published Apr 18, 2023
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2023-21967 was published Apr 18, 2023
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Moderate
Unreviewed
CVE-2021-35564 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API