GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
213 advisories
Filter by severity
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error...
Moderate
Unreviewed
CVE-2024-21619
was published
Jan 26, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an...
Moderate
Unreviewed
CVE-2023-47152
was published
Jan 22, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device...
Moderate
Unreviewed
CVE-2023-49107
was published
Jan 16, 2024
Windows TCP/IP Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-21313
was published
Jan 9, 2024
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed...
Moderate
Unreviewed
CVE-2023-45701
was published
Dec 28, 2023
ONTAP Mediator versions prior to 1.7 are susceptible to a
vulnerability that can allow an...
Moderate
Unreviewed
CVE-2023-27319
was published
Dec 22, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2023-47703
was published
Dec 20, 2023
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.14, 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2...
Moderate
Unreviewed
CVE-2023-42013
was published
Dec 20, 2023
Due to improper error handling, a REST API resource could expose a server side error containing...
Moderate
Unreviewed
CVE-2023-6839
was published
Dec 15, 2023
Kaifa Technology WebITR is an online attendance system. A remote attacker with regular user...
Moderate
Unreviewed
CVE-2023-48393
was published
Dec 15, 2023
IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a...
Moderate
Unreviewed
CVE-2023-49878
was published
Dec 13, 2023
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2023-43021
was published
Dec 1, 2023
The response messages received from the eSOMS report generation using certain parameter queries...
Moderate
Unreviewed
CVE-2023-5514
was published
Nov 1, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2022-43891
was published
Oct 17, 2023
The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page...
Moderate
Unreviewed
CVE-2023-5089
was published
Oct 16, 2023
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when...
Moderate
Unreviewed
CVE-2023-5177
was published
Oct 16, 2023
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details...
Moderate
Unreviewed
CVE-2023-41365
was published
Oct 10, 2023
The Statutory Reporting application has a vulnerable file storage location, potentially enabling...
Moderate
Unreviewed
CVE-2023-42475
was published
Oct 10, 2023
A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an...
Moderate
Unreviewed
CVE-2023-0833
was published
Sep 27, 2023
Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router...
High
Unreviewed
CVE-2023-41027
was published
Sep 22, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected...
Moderate
Unreviewed
CVE-2023-40725
was published
Sep 14, 2023
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version...
Moderate
Unreviewed
CVE-2023-37489
was published
Sep 14, 2023
An information disclosure vulnerability exists in the OAS Engine configuration management...
Moderate
Unreviewed
CVE-2023-35124
was published
Sep 5, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain...
High
Unreviewed
CVE-2023-33835
was published
Aug 31, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 could allow a remote attacker to obtain...
Moderate
Unreviewed
CVE-2023-33834
was published
Aug 31, 2023
ProTip!
Advisories are also available from the
GraphQL API