GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,866
Composer 4,473
Erlang 33
GitHub Actions 24
Go 2,198
Maven 5,423
npm 3,842
NuGet 696
pip 3,632
Pub 12
RubyGems 911
Rust 912
Swift 38

Unreviewed advisories

All unreviewed 248,737

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

166 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in OpenSlides before 4.2.5. When creating new chats via the chat_group... Low Unreviewed

CVE-2025-30345 was published Mar 21, 2025

Improper encoding or escaping of output vulnerability in the webapi component in Synology... Moderate Unreviewed

CVE-2024-50629 was published Mar 19, 2025

Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology... Critical Unreviewed

CVE-2024-10441 was published Mar 19, 2025

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper... Moderate Unreviewed

CVE-2023-35894 was published Mar 7, 2025

During an address list folding when a separating comma ends up on a folded line and that line is... Low Unreviewed

CVE-2025-1795 was published Feb 28, 2025

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0... High Unreviewed

CVE-2024-12368 was published Feb 25, 2025

IBM OpenPages with Watson 8.3 and 9.0 may write improperly neutralized data to server log files... Moderate Unreviewed

CVE-2024-49355 was published Feb 20, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed

CVE-2024-56473 was published Feb 6, 2025

Improper Encoding or Escaping of Output vulnerability in Poll Maker Team Poll Maker. This issue... Moderate Unreviewed

CVE-2024-56277 was published Jan 21, 2025

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow an authenticated user... Moderate Unreviewed

CVE-2024-52891 was published Jan 7, 2025

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3... High Unreviewed

CVE-2024-46547 was published Dec 9, 2024

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper... High Unreviewed

CVE-2018-9433 was published Nov 20, 2024

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow... High Unreviewed

CVE-2024-47549 was published Oct 25, 2024

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System <= 5.16.1.33... Moderate Unreviewed

CVE-2024-40088 was published Oct 21, 2024

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab... Moderate Unreviewed

CVE-2024-47224 was published Oct 21, 2024

Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. High Unreviewed

CVE-2024-9348 was published Oct 16, 2024

Account users in Apache CloudStack by default are allowed to upload and register templates for... High Unreviewed

CVE-2024-45219 was published Oct 16, 2024

An unauthenticated local attacker can gain admin privileges by deploying a config file due to... High Unreviewed

CVE-2024-45271 was published Oct 15, 2024

An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x... Moderate Unreviewed

CVE-2023-45359 was published Oct 9, 2024

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS... Moderate Unreviewed

CVE-2024-47845 was published Oct 5, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2... Low Unreviewed

CVE-2024-4099 was published Sep 27, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),... Critical Unreviewed

CVE-2024-7873 was published Sep 17, 2024

A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been... Moderate Unreviewed

CVE-2024-8297 was published Aug 29, 2024

In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible... High Unreviewed

CVE-2024-34739 was published Aug 16, 2024

Windows App Installer Spoofing Vulnerability High Unreviewed

CVE-2024-38177 was published Aug 13, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

166 advisories