GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,759 advisories
Filter by severity
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in...
Low
Unreviewed
CVE-2024-40777
was published
Jul 30, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
“socket” module provides a pure...
Low
Unreviewed
CVE-2024-3219
was published
Jul 30, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and...
Low
Unreviewed
CVE-2023-42957
was published
Jul 29, 2024
This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS...
Low
Unreviewed
CVE-2023-42949
was published
Jul 29, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed...
Low
Unreviewed
CVE-2023-42925
was published
Jul 29, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma...
Low
Unreviewed
CVE-2023-42948
was published
Jul 29, 2024
Honeywell PC42t, PC42tp, and PC42d Printers, T10.19.020016 to T10.20.060398, contain a cross-site...
Low
Unreviewed
CVE-2024-6620
was published
Jul 29, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as...
Low
Unreviewed
CVE-2024-7155
was published
Jul 28, 2024
An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a...
Low
Unreviewed
CVE-2024-4786
was published
Jul 26, 2024
In affected versions of Octopus Server under certain conditions, a user with specific role...
Low
Unreviewed
CVE-2024-4811
was published
Jul 25, 2024
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all...
Low
Unreviewed
CVE-2024-7060
was published
Jul 25, 2024
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior...
Low
Unreviewed
CVE-2024-0231
was published
Jul 25, 2024
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user...
Low
Unreviewed
CVE-2024-37533
was published
Jul 24, 2024
There is a low severity open redirect vulnerability within affected versions of Bitbucket Data...
Low
Unreviewed
CVE-2024-21684
was published
Jul 24, 2024
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the...
Low
Unreviewed
CVE-2024-3454
was published
Jul 24, 2024
libcurl's URL API function
[curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers...
Low
Unreviewed
CVE-2024-6874
was published
Jul 24, 2024
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space...
Low
Unreviewed
CVE-2024-41829
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
Low
Unreviewed
CVE-2024-41826
was published
Jul 22, 2024
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
Low
Unreviewed
CVE-2024-41828
was published
Jul 22, 2024
The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to...
Low
Unreviewed
CVE-2024-6694
was published
Jul 20, 2024
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which...
Low
Unreviewed
CVE-2024-30130
was published
Jul 19, 2024
Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0...
Low
Unreviewed
CVE-2024-38806
was published
Jul 18, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2...
Low
Unreviewed
CVE-2023-42010
was published
Jul 17, 2024
Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition...
Low
Unreviewed
CVE-2024-38870
was published
Jul 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11...
Low
Unreviewed
CVE-2024-6595
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API