Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,946
Erlang
29
GitHub Actions
16
Go
1,734
Maven
4,963
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,583 advisories

The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is... Low Unreviewed
CVE-2024-3073 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-36226 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26127 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2024-26126 was published Jun 13, 2024
HashiCorp Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims Low
CVE-2024-5798 was published for github.com/hashicorp/vault (Go) Jun 12, 2024
Keycloak Denial of Service via account lockout Low
GHSA-cq42-vhv7-xr7p was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
Keycloak's improper input validation allows using email as username Low
GHSA-4vc8-pg5c-vg4x was published for org.keycloak:keycloak-services (Maven) Jun 12, 2024
@strapi/plugin-content-manager leaks data via relations via the Admin Panel Low
CVE-2024-29181 was published for @strapi/plugin-content-manager (npm) Jun 12, 2024
felixdkatt derrickmehaffy
christiancp100
A stored cross site scripting vulnerability exists in Tenable Security Center where an... Low Unreviewed
CVE-2024-1891 was published Jun 12, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in... Low Unreviewed
CVE-2024-28024 was published Jun 11, 2024
A low severity vulnerability in BIPS has been identified where an attacker with high privileges... Low Unreviewed
CVE-2024-5812 was published Jun 11, 2024
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting... Low Unreviewed
CVE-2024-21754 was published Jun 11, 2024
A vulnerability has been identified in TIA Administrator (All versions < V3 SP2). The affected... Low Unreviewed
CVE-2023-38533 was published Jun 11, 2024
On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated... Low Unreviewed
CVE-2024-34684 was published Jun 11, 2024
`docker cp` allows unexpected chmod of host files in Moby Docker Engine Low
CVE-2021-41089 was published for github.com/docker/docker (Go) Jun 10, 2024
LevanaXr ssst0n3
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode... Low Unreviewed
CVE-2024-35749 was published Jun 10, 2024
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. Low Unreviewed
CVE-2024-30512 was published Jun 9, 2024
zenml-io/zenml does not expire the session after password reset Low
CVE-2024-4680 was published for zenml (pip) Jun 8, 2024
A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue... Low Unreviewed
CVE-2024-5766 was published Jun 8, 2024
Symlink bypasses filesystem sandbox Low
GHSA-55f3-3qvg-8pv5 was published for wasmer (Rust) Jun 7, 2024
yagehu
A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both... Low Unreviewed
CVE-2024-3166 was published Jun 6, 2024
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2024-5307 was published Jun 6, 2024
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
Cross site scripting in zenml Low
CVE-2024-2171 was published for zenml (pip) Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API