Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

174 advisories

Loading
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a... Moderate Unreviewed
CVE-2024-39725 was published Dec 25, 2024
IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-52897 was published Dec 19, 2024
IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker... Moderate Unreviewed
CVE-2024-52896 was published Dec 19, 2024
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote... Moderate Unreviewed
CVE-2024-49818 was published Dec 17, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Dave Kiss... Moderate Unreviewed
CVE-2024-54366 was published Dec 16, 2024
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-51460 was published Dec 11, 2024
HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive... Moderate Unreviewed
CVE-2024-30141 was published Nov 7, 2024
Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti... Moderate Unreviewed
CVE-2024-50512 was published Oct 30, 2024
SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non... Moderate Unreviewed
CVE-2024-45713 was published Oct 17, 2024
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows... Moderate Unreviewed
CVE-2024-44762 was published Oct 16, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed
CVE-2024-7426 was published Sep 25, 2024
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions... Moderate Unreviewed
CVE-2024-6544 was published Sep 13, 2024
An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15... Moderate Unreviewed
CVE-2024-5435 was published Sep 12, 2024
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It... Moderate Unreviewed
CVE-2024-8571 was published Sep 8, 2024
The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-7415 was published Sep 6, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6551 was published Aug 29, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2023-47728 was published Aug 16, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-39751 was published Aug 6, 2024
IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-35640 was published Jul 17, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-39737 was published Jul 15, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35119 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2023-50953 was published Jun 30, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2024-35156 was published Jun 29, 2024
IBM MQ Console 9.3 LTS and 9.3 CD could disclose could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-35155 was published Jun 28, 2024
An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application... Moderate Unreviewed
CVE-2024-31844 was published May 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database