GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,778
Maven
5,000+
npm
3,542
NuGet
619
pip
3,127
Pub
10
RubyGems
838
Rust
791
Swift
34
Unreviewed advisories
All unreviewed
5,000+
9,629 advisories
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
Low
Unreviewed
CVE-2024-41828
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space...
Low
Unreviewed
CVE-2024-41829
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
Low
Unreviewed
CVE-2024-41826
was published
Jul 22, 2024
A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A...
Low
Unreviewed
CVE-2024-32152
was published
Jul 22, 2024
The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to...
Low
Unreviewed
CVE-2024-6694
was published
Jul 20, 2024
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which...
Low
Unreviewed
CVE-2024-30130
was published
Jul 19, 2024
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0...
Low
Unreviewed
CVE-2024-38806
was published
Jul 18, 2024
Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition...
Low
Unreviewed
CVE-2024-38870
was published
Jul 17, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2...
Low
Unreviewed
CVE-2023-42010
was published
Jul 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11...
Low
Unreviewed
CVE-2024-6595
was published
Jul 17, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2024-21164
was published
Jul 17, 2024
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The...
Low
Unreviewed
CVE-2024-21151
was published
Jul 17, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21174
was published
Jul 17, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported...
Low
Unreviewed
CVE-2024-21123
was published
Jul 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21138
was published
Jul 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21131
was published
Jul 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ...
Low
Unreviewed
CVE-2024-21144
was published
Jul 17, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many...
Low
Unreviewed
CVE-2024-41007
was published
Jul 15, 2024
Mattermost Mobile Apps versions <=2.16.0 fail to protect against abuse of a globally shared...
Low
Unreviewed
CVE-2024-32945
was published
Jul 15, 2024
Use After Free vulnerability in Silicon Labs Bluetooth SDK on 32 bit, ARM may allow an attacker...
Low
Unreviewed
CVE-2023-41093
was published
Jul 12, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11...
Low
Unreviewed
CVE-2024-2880
was published
Jul 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4...
Low
Unreviewed
CVE-2024-5470
was published
Jul 11, 2024
Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint...
Low
Unreviewed
CVE-2024-23194
was published
Jul 11, 2024
TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel....
Low
Unreviewed
CVE-2024-39886
was published
Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API.