GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
152,241 advisories
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate | Unreviewed | CVE-2024-27255 was published Mar 3, 2024

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-2156 was published Mar 4, 2024

Apache Ambari: Various Cross site scripting problems
Moderate | CVE-2023-50378 was published for org.apache.ambari:ambari (Maven) Mar 1, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6,...
Moderate | Unreviewed | CVE-2023-4895 was published Feb 22, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16...
Moderate | Unreviewed | CVE-2024-1525 was published Feb 22, 2024

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate | Unreviewed | CVE-2023-47745 was published Mar 3, 2024

IBM Engineering Test Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting....
Moderate | Unreviewed | CVE-2023-43054 was published Mar 3, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6...
Moderate | Unreviewed | CVE-2023-6477 was published Feb 22, 2024

paxtest handles temporary files insecurely
Moderate | Unreviewed | CVE-2010-3373 was published Apr 21, 2022

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the...
Moderate | Unreviewed | CVE-2010-5337 was published Apr 21, 2022

IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the...
Moderate | Unreviewed | CVE-2010-5338 was published Apr 21, 2022

pootle 2.0.5-0.2 has XSS via 'match_names' parameter
Moderate | Unreviewed | CVE-2010-4245 was published Apr 21, 2022

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (...
Moderate | Unreviewed | CVE-2021-4169 was published Dec 27, 2021

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical...
Moderate | Unreviewed | CVE-2023-27291 was published Mar 3, 2024

pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.
Moderate | Unreviewed | CVE-2010-4817 was published Apr 21, 2022

The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for...
Moderate | Unreviewed | CVE-2009-5158 was published Apr 21, 2022

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in...
Moderate | Unreviewed | CVE-2010-0206 was published Apr 21, 2022

Cross-site scripting vulnerability in Booking Package - Appointment Booking Calendar System...
Moderate | Unreviewed | CVE-2021-20840 was published Nov 25, 2021

This issue affects: Secomea GateManager All versions prior to 9.6. Improper Check of host header...
Moderate | Unreviewed | CVE-2021-32004 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Moderate | Unreviewed | CVE-2021-33494 was published Nov 23, 2021

Apache Superset: Improper authorization validation on dashboards and charts import
Moderate | CVE-2024-26016 was published for apache-superset (pip) Feb 28, 2024

Apache Superset: Improper validation of SQL statements allows for unauthorized access to data
Moderate | CVE-2024-24773 was published for apache-superset (pip) Feb 28, 2024

Cross-site scripting (XSS) vulnerability in Grav
Moderate | CVE-2023-31506 was published for getgrav/grav (Composer) Feb 9, 2024

Onnx Out-of-bounds Read vulnerability
Moderate | CVE-2024-27319 was published for onnx (pip) Feb 23, 2024

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive,...
Moderate | Unreviewed | CVE-2021-33491 was published Nov 23, 2021

ProTip! Advisories are also available from the GraphQL API