GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,832 advisories
Filter by severity
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR...
Low
Unreviewed
CVE-2015-4481
was published
May 14, 2022
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the...
Low
Unreviewed
CVE-2024-43173
was published
Oct 22, 2024
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker...
Low
Unreviewed
CVE-2024-47486
was published
Oct 18, 2024
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application...
Low
Unreviewed
CVE-2024-4211
was published
Oct 16, 2024
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application...
Low
Unreviewed
CVE-2024-4692
was published
Oct 16, 2024
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple...
Low
Unreviewed
CVE-2014-1595
was published
May 17, 2022
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management...
Low
Unreviewed
CVE-2024-0716
was published
Jan 19, 2024
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier...
Low
Unreviewed
CVE-2024-46897
was published
Oct 18, 2024
Insufficient verification of data authenticity in
the configuration state machine may allow a...
Low
Unreviewed
CVE-2023-20570
was published
Feb 13, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2024-43686
was published
Oct 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2024-43687
was published
Oct 4, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21251
was published
Oct 15, 2024
Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and...
Low
Unreviewed
CVE-2024-21257
was published
Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21208
was published
Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21211
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services...
Low
Unreviewed
CVE-2024-21232
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). ...
Low
Unreviewed
CVE-2024-21231
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication...
Low
Unreviewed
CVE-2024-21237
was published
Oct 15, 2024
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ...
Low
Unreviewed
CVE-2024-21247
was published
Oct 15, 2024
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that...
Low
Unreviewed
CVE-2024-21242
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). ...
Low
Unreviewed
CVE-2024-21244
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). ...
Low
Unreviewed
CVE-2024-21243
was published
Oct 15, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2024-21253
was published
Oct 15, 2024
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ...
Low
Unreviewed
CVE-2024-21209
was published
Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are...
Low
Unreviewed
CVE-2024-21210
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API