Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

340 advisories

Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an... Low Unreviewed
CVE-2023-43745 was published May 16, 2024
Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful... Low Unreviewed
CVE-2024-32989 was published May 14, 2024
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in... Low Unreviewed
CVE-2024-28977 was published Apr 24, 2024
Kubernetes allows bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Low
CVE-2024-3177 was published for k8s.io/kubernetes (Go) Apr 23, 2024
NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2023-31028 was published Apr 5, 2024
NVIDIA nvTIFF Library for Windows and Linux contains a vulnerability where improper input... Low Unreviewed
CVE-2024-0080 was published Apr 5, 2024
Concrete CMS Stored XSS on the calendar color settings screen Low
CVE-2024-2753 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Cross-site Scripting (XSS) in the Advanced File Search Filter Low
CVE-2024-3178 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Custom Class page editing Low
CVE-2024-3179 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in blocks of type file Low
CVE-2024-3180 was published for concrete5/concrete5 (Composer) Apr 3, 2024
Concrete CMS Stored XSS in the Search Field Low
CVE-2024-3181 was published for concrete5/concrete5 (Composer) Apr 3, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on... Low Unreviewed
CVE-2023-6950 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51453 was published Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone... Low Unreviewed
CVE-2023-51452 was published Apr 2, 2024
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a... Low Unreviewed
CVE-2024-1221 was published Mar 14, 2024
Concrete CMS Stored Cross-site Scripting vulnerability Low
CVE-2024-2179 was published for concrete5/concrete5 (Composer) Mar 5, 2024
Concrete CMS vulnerable to stored XSS via the Role Name field Low
CVE-2024-1247 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature Low
CVE-2024-1246 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS in file tags and description attributes Low
CVE-2024-1245 was published for concrete5/concrete5 (Composer) Feb 9, 2024
IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to... Low Unreviewed
CVE-2023-46159 was published Feb 2, 2024
Improper Input Validation vulnerability in the upload functionality for user avatars allows... Low Unreviewed
CVE-2024-23790 was published Jan 29, 2024
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
Improper input validation of a large HTTP request in the Controller 6000 and Controller 7000... Low Unreviewed
CVE-2023-22439 was published Dec 19, 2023
Adobe Experience Manager versions 6.5.18 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2023-48608 was published Dec 15, 2023
Improper input validation vulnerability in Newsletter Software SuperMailer affecting version 11... Low Unreviewed
CVE-2023-6381 was published Dec 13, 2023
ProTip! Advisories are also available from the GraphQL API