GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,633
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
284 advisories
Filter by severity
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.
Moderate
Unreviewed
CVE-2024-6702
was published
Sep 12, 2024
A low privileged remote attacker can perform configuration changes of the ospf service through...
Moderate
Unreviewed
CVE-2024-43389
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43391
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43392
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43390
was published
Sep 10, 2024
A low privileged remote attacker can perform configuration changes of the firewall services,...
Moderate
Unreviewed
CVE-2024-43393
was published
Sep 10, 2024
A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806...
Moderate
Unreviewed
CVE-2024-42903
was published
Sep 3, 2024
A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to...
Moderate
Unreviewed
CVE-2024-8367
was published
Sep 1, 2024
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c...
Moderate
Unreviewed
CVE-2024-2881
was published
Aug 30, 2024
Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in...
Moderate
Unreviewed
CVE-2024-1545
was published
Aug 30, 2024
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to...
Moderate
Unreviewed
CVE-2024-31882
was published
Aug 14, 2024
A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway...
Moderate
Unreviewed
CVE-2024-20429
was published
Jul 17, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2024-38700
was published
Jul 12, 2024
A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this...
Moderate
Unreviewed
CVE-2024-6470
was published
Jul 3, 2024
A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this...
Moderate
Unreviewed
CVE-2024-6469
was published
Jul 3, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2024-35680
was published
Jun 10, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2024-35728
was published
Jun 10, 2024
The EmailGPT service contains a prompt injection vulnerability. The service uses an API service...
Moderate
Unreviewed
CVE-2024-5184
was published
Jun 5, 2024
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'...
Moderate
Unreviewed
CVE-2023-23738
was published
Jun 4, 2024
Mattermost Jira plugin versions shipped with Mattermost versions 8.1.x before 8.1.10, 9.2.x...
Moderate
Unreviewed
CVE-2024-2445
was published
Mar 15, 2024
This is a reflected cross site scripting vulnerability in the PaperCut NG/MF application server....
Moderate
Unreviewed
CVE-2024-1883
was published
Mar 14, 2024
An injection vulnerability has been reported to affect several QNAP operating system versions. If...
Moderate
Unreviewed
CVE-2024-21900
was published
Mar 8, 2024
Improper neutralization of special elements in output (CWE-74) used by the email generation...
Moderate
Unreviewed
CVE-2024-21838
was published
Mar 5, 2024
A vulnerability has been found in rahman SelectCours 1.0 and classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-2064
was published
Mar 1, 2024
Kaspersky has fixed a security issue in the Kaspersky Security 8.0 for Linux Mail Server. The...
Moderate
Unreviewed
CVE-2024-1619
was published
Feb 29, 2024
ProTip!
Advisories are also available from the
GraphQL API