Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,164
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,458
Pub
12
RubyGems
991
Rust
1,184
Swift
50
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

293,413 advisories

Loading
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-2156 was published Mar 4, 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to... High Unreviewed
CVE-2024-0410 was published Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 to 16.7.6,... Moderate Unreviewed
CVE-2023-4895 was published Feb 22, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... Moderate Unreviewed
CVE-2024-1525 was published Feb 22, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2023-47745 was published Mar 3, 2024
IBM Engineering Test Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting.... Moderate Unreviewed
CVE-2023-43054 was published Mar 3, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions... Low Unreviewed
CVE-2023-3509 was published Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6... Moderate Unreviewed
CVE-2023-6477 was published Feb 22, 2024
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which... High Unreviewed
CVE-2010-4657 was published Apr 21, 2022
Rbot Reaction plugin allows command execution Critical Unreviewed
CVE-2010-2446 was published Apr 21, 2022
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain... High Unreviewed
CVE-2010-5304 was published Apr 21, 2022
An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi... Critical Unreviewed
CVE-2009-5156 was published Apr 21, 2022
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss... High Unreviewed
CVE-2010-5335 was published Apr 21, 2022
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion Critical Unreviewed
CVE-2010-4239 was published Apr 21, 2022
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not... High Unreviewed
CVE-2010-0737 was published Apr 21, 2022
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended... Critical Unreviewed
CVE-2010-2783 was published Apr 21, 2022
Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received... High Unreviewed
CVE-2010-3048 was published Apr 21, 2022
paxtest handles temporary files insecurely Moderate Unreviewed
CVE-2010-3373 was published Apr 21, 2022
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the... Moderate Unreviewed
CVE-2010-5337 was published Apr 21, 2022
I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. High Unreviewed
CVE-2005-2352 was published Apr 21, 2022
archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. High Unreviewed
CVE-2006-4245 was published Apr 21, 2022
pixelpost 1.7.1-5 has SQL injection Critical Unreviewed
CVE-2009-4899 was published Apr 21, 2022
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation (... Moderate Unreviewed
CVE-2021-4169 was published Dec 27, 2021
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions... High Unreviewed
CVE-2009-5068 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database