GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,434
Erlang: 29
GitHub Actions: 16
Go: 1,660
Maven: 4,922
npm: 3,450
NuGet: 594
pip: 2,840
Pub: 10
RubyGems: 823
Rust: 764
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
234,125 advisories
A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability...
High | Unreviewed | CVE-2024-4491 was published May 5, 2024

An issue was discovered in appmgr in O-RAN Near-RT RIC I-Release. An attacker could register an...
Unknown | Unreviewed | CVE-2024-34473 was published May 5, 2024

TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer...
Unknown | Unreviewed | CVE-2023-52729 was published May 5, 2024

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS...
Unknown | Unreviewed | CVE-2024-34476 was published May 5, 2024

Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS...
Unknown | Unreviewed | CVE-2024-34475 was published May 5, 2024

Alinto SOGo through 5.10.0 allows XSS during attachment preview.
Unknown | Unreviewed | CVE-2024-34462 was published May 4, 2024

Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action...
Unknown | Unreviewed | CVE-2024-34469 was published May 4, 2024

Rukovoditel before 3.5.3 allows XSS via user_photo to My Page.
Unknown | Unreviewed | CVE-2024-34468 was published May 4, 2024

ThinkPHP 8.0.3 allows remote attackers to discover the PHPSESSION cookie because think_exception...
Unknown | Unreviewed | CVE-2024-34467 was published May 4, 2024

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors...
Moderate | Unreviewed | CVE-2023-38575 was published Mar 14, 2024

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when...
Moderate | Unreviewed | CVE-2023-22655 was published Mar 14, 2024

Information exposure through microarchitectural state after transient execution from some...
Moderate | Unreviewed | CVE-2023-28746 was published Mar 14, 2024

Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an...
Moderate | Unreviewed | CVE-2023-39368 was published Mar 14, 2024

Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with...
Moderate | Unreviewed | CVE-2023-43490 was published Mar 14, 2024

Synapse V2 state resolution weakness allows Denial of Service (DoS)
Moderate | CVE-2024-31208 was published for matrix-synapse (pip) Apr 23, 2024

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to...
Moderate | Unreviewed | CVE-2023-27283 was published May 4, 2024

IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of...
Moderate | Unreviewed | CVE-2024-27268 was published Apr 4, 2024

The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2023-7065 was published May 4, 2024

The Import and export users and customers plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-1050 was published May 4, 2024

The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate | Unreviewed | CVE-2024-3237 was published May 4, 2024

Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site...
Unknown | Unreviewed | CVE-2024-34461 was published May 4, 2024

The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. (This...
Unknown | Unreviewed | CVE-2024-34460 was published May 4, 2024

The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,...
High | Unreviewed | CVE-2024-3240 was published May 4, 2024

Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug...
Unknown | Unreviewed | CVE-2024-3864 was published Apr 16, 2024

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server...
Unknown | Unreviewed | CVE-2024-3302 was published Apr 16, 2024
ProTip! Advisories are also available from the GraphQL API.