GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,976
Erlang: 29
GitHub Actions: 16
Go: 1,765
Maven: 4,990
npm: 3,534
NuGet: 615
pip: 3,103
Pub: 10
RubyGems: 837
Rust: 785
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
222,330 advisories
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin...
Moderate | Unreviewed | CVE-2024-37270 was published Jul 10, 2024

A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function...
Unknown | Unreviewed | CVE-2024-40417 was published Jul 10, 2024

IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session...
Moderate | Unreviewed | CVE-2023-33860 was published Jul 10, 2024

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and...
Critical | Unreviewed | CVE-2024-4879 was published Jul 10, 2024

IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject...
Moderate | Unreviewed | CVE-2023-35006 was published Jul 10, 2024

IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login...
Moderate | Unreviewed | CVE-2023-33859 was published Jul 10, 2024

Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the...
Unknown | Unreviewed | CVE-2024-40412 was published Jul 10, 2024

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local...
Moderate | Unreviewed | CVE-2024-20456 was published Jul 10, 2024

Vulnerability in Jaspersoft JasperReport Servers. This issue affects JasperReport Servers: from 8...
High | Unreviewed | CVE-2024-3325 was published Jul 10, 2024

Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.
High | Unreviewed | CVE-2024-32759 was published Jul 10, 2024

ServiceNow has addressed a sensitive file read vulnerability that was identified in the...
Moderate | Unreviewed | CVE-2024-5178 was published Jul 10, 2024

ServiceNow has addressed an input validation vulnerability that was identified in the Washington...
Critical | Unreviewed | CVE-2024-5217 was published Jul 10, 2024

A vulnerability was found in WuKongOpenSource Wukong_nocode up to 20230807. It has been declared...
Moderate | Unreviewed | CVE-2024-6645 was published Jul 10, 2024

A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical....
Moderate | Unreviewed | CVE-2024-6644 was published Jul 10, 2024

idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
Unknown | Unreviewed | CVE-2024-40336 was published Jul 10, 2024

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is...
Unknown | Unreviewed | CVE-2024-6642 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40329 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40334 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40332 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40331 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40333 was published Jul 10, 2024

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High | Unreviewed | CVE-2024-28828 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Unknown | Unreviewed | CVE-2024-40328 was published Jul 10, 2024

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2...
High | Unreviewed | CVE-2024-28827 was published Jul 10, 2024

Insecure handling of POST header parameter body included in requests being sent to an instance of...
High | Unreviewed | CVE-2024-3799 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API.