GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,372
Composer 4,669
Erlang 34
GitHub Actions 26
Go 2,261
Maven 5,512
npm 3,910
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,338

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

253,338 advisories

Filter by severity

Sort by

Least recently updated

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2024-56471 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed

CVE-2024-49795 was published Feb 6, 2025

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in... Moderate Unreviewed

CVE-2024-57598 was published Feb 6, 2025

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the... Moderate Unreviewed

CVE-2024-49797 was published Feb 6, 2025

IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow... Moderate Unreviewed

CVE-2025-0799 was published Feb 6, 2025

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed

CVE-2024-49798 was published Feb 6, 2025

Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-57520 was published Feb 6, 2025

OpenPLC_V3 contains an arbitrary file upload vulnerability, which could be leveraged for... Critical Unreviewed

CVE-2025-1066 was published Feb 6, 2025

A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a... High Unreviewed

CVE-2024-57078 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2024-56470 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed

CVE-2024-49792 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed

CVE-2024-49794 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed

CVE-2024-49793 was published Feb 6, 2025

IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated... High Unreviewed

CVE-2024-49814 was published Feb 6, 2025

IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker... Critical Unreviewed

CVE-2024-51450 was published Feb 6, 2025

A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to... High Unreviewed

CVE-2024-57084 was published Feb 6, 2025

A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers... High Unreviewed

CVE-2024-57085 was published Feb 6, 2025

A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a... High Unreviewed

CVE-2024-57074 was published Feb 6, 2025

The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is... Moderate Unreviewed

CVE-2025-0522 was published Feb 6, 2025

A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows... High Unreviewed

CVE-2024-57064 was published Feb 6, 2025

A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a... High Unreviewed

CVE-2024-57065 was published Feb 6, 2025

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote... Critical Unreviewed

CVE-2020-36084 was published Feb 6, 2025

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause... High Unreviewed

CVE-2024-57063 was published Feb 6, 2025

A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the... High Unreviewed

CVE-2024-48394 was published Feb 6, 2025

A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager... Moderate Unreviewed

CVE-2024-54853 was published Feb 6, 2025

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

253,338 advisories