GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
177 advisories
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1...
Moderate | Unreviewed | CVE-2023-45372 was published Oct 9, 2023
@backstage/plugin-techdocs-backend vulnerable to circumvention of cross site scripting protection
Moderate | CVE-2024-46976 was published for @backstage/plugin-techdocs-backend (npm) Sep 17, 2024
Mattermost Desktop App fails to sufficiently configure Electron Fuses
Low | CVE-2024-45835 was published for mattermost-desktop (npm) Sep 16, 2024
Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing...
Moderate | Unreviewed | CVE-2024-45833 was published Sep 16, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-38217 was published Sep 10, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-43487 was published Sep 10, 2024
Microsoft Publisher Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2024-38226 was published Sep 10, 2024
Twig has a possible sandbox bypass
High | CVE-2024-45411 was published for twig/twig (Composer) Sep 9, 2024
In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians...
Moderate | Unreviewed | CVE-2024-33903 was published Apr 29, 2024
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.4 for...
High | Unreviewed | CVE-2022-48611 was published Apr 26, 2024
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up...
Moderate | Unreviewed | CVE-2022-4100 was published Aug 31, 2024
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the...
High | Unreviewed | CVE-2023-5553 was published Nov 21, 2023
Windows Remote Desktop Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2023-35352 was published Jul 11, 2023
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2024-20284 was published Aug 28, 2024
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2024-20286 was published Aug 28, 2024
Mattermost allows remote/synthetic users to create sessions, reset passwords
Moderate | CVE-2024-39836 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate | Unreviewed | CVE-2018-10631 was published May 13, 2022
Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may...
Moderate | Unreviewed | CVE-2024-24980 was published Aug 14, 2024
Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and...
High | Unreviewed | CVE-2024-24983 was published Aug 14, 2024
Protection mechanism failure in Linux kernel mode driver for some Intel(R) Ethernet Network...
High | Unreviewed | CVE-2024-23499 was published Aug 14, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-38213 was published Aug 13, 2024
Windows SmartScreen Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2024-38180 was published Aug 13, 2024
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter,...
High | Unreviewed | CVE-2024-0101 was published Aug 8, 2024
Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013 (when...
Critical | Unreviewed | CVE-2024-25091 was published Mar 1, 2024
ejs lacks certain pollution protection
Moderate | CVE-2024-33883 was published for ejs (npm) Apr 28, 2024