Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,434
Erlang
29
GitHub Actions
16
Go
1,660
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

234,125 advisories

A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability... High Unreviewed
CVE-2024-4491 was published May 5, 2024
An issue was discovered in appmgr in O-RAN Near-RT RIC I-Release. An attacker could register an... Unknown Unreviewed
CVE-2024-34473 was published May 5, 2024
TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer... Unknown Unreviewed
CVE-2023-52729 was published May 5, 2024
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS... Unknown Unreviewed
CVE-2024-34476 was published May 5, 2024
Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS... Unknown Unreviewed
CVE-2024-34475 was published May 5, 2024
Alinto SOGo through 5.10.0 allows XSS during attachment preview. Unknown Unreviewed
CVE-2024-34462 was published May 4, 2024
Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action... Unknown Unreviewed
CVE-2024-34469 was published May 4, 2024
Rukovoditel before 3.5.3 allows XSS via user_photo to My Page. Unknown Unreviewed
CVE-2024-34468 was published May 4, 2024
ThinkPHP 8.0.3 allows remote attackers to discover the PHPSESSION cookie because think_exception... Unknown Unreviewed
CVE-2024-34467 was published May 4, 2024
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors... Moderate Unreviewed
CVE-2023-38575 was published Mar 14, 2024
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when... Moderate Unreviewed
CVE-2023-22655 was published Mar 14, 2024
Information exposure through microarchitectural state after transient execution from some... Moderate Unreviewed
CVE-2023-28746 was published Mar 14, 2024
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2023-39368 was published Mar 14, 2024
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with... Moderate Unreviewed
CVE-2023-43490 was published Mar 14, 2024
Synapse V2 state resolution weakness allows Denial of Service (DoS) Moderate
CVE-2024-31208 was published for matrix-synapse (pip) Apr 23, 2024
alexeyshch
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to... Moderate Unreviewed
CVE-2023-27283 was published May 4, 2024
IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.3 is vulnerable to a denial of... Moderate Unreviewed
CVE-2024-27268 was published Apr 4, 2024
The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2023-7065 was published May 4, 2024
The Import and export users and customers plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-1050 was published May 4, 2024
The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-3237 was published May 4, 2024
Zenario before 9.5.60437 uses Twig filters insecurely in the Twig Snippet plugin, and in the site... Unknown Unreviewed
CVE-2024-34461 was published May 4, 2024
The Tree Explorer tool from Organizer in Zenario before 9.5.60602 is affected by XSS. (This... Unknown Unreviewed
CVE-2024-34460 was published May 4, 2024
The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to,... High Unreviewed
CVE-2024-3240 was published May 4, 2024
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug... Unknown Unreviewed
CVE-2024-3864 was published Apr 16, 2024
There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server... Unknown Unreviewed
CVE-2024-3302 was published Apr 16, 2024
ProTip! Advisories are also available from the GraphQL API