Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

363 advisories

Loading
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Low
CVE-2024-3177 was published for k8s.io/kubernetes (Go) Apr 23, 2024
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2023-31028 was published Apr 5, 2024
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2024-0080 was published Apr 5, 2024
Concrete CMS Stored XSS in blocks of type file Low
CVE-2024-3180 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing Low
CVE-2024-3179 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Search Field Low
CVE-2024-3181 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter Low
CVE-2024-3178 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS on the calendar color settings screen Low
CVE-2024-2753 was published for concrete5/concrete5 (Composer) Apr 3, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on... Low Unreviewed
CVE-2023-6950 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a... Low Unreviewed
CVE-2024-1221 was published Mar 14, 2024
Concrete CMS Stored Cross-site Scripting vulnerability Low
CVE-2024-2179 was published for concrete5/concrete5 (Composer) Mar 5, 2024
Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature Low
CVE-2024-1246 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS in file tags and description attributes Low
CVE-2024-1245 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS via the Role Name field Low
CVE-2024-1247 was published for concrete5/concrete5 (Composer) Feb 9, 2024
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to... Low Unreviewed
CVE-2023-46159 was published Feb 2, 2024
Improper Input Validation vulnerability in the upload functionality for user avatars allows... Low Unreviewed
CVE-2024-23790 was published Jan 29, 2024
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000... Low Unreviewed
CVE-2023-22439 was published Dec 19, 2023
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2023-48608 was published Dec 15, 2023
Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11... Low Unreviewed
CVE-2023-6381 was published Dec 13, 2023
Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to... Low Unreviewed
CVE-2023-5275 was published Nov 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database