Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

115 advisories

Loading
Non-constant time webhook token hash comparison in Jenkins Zanata Plugin Low
CVE-2023-46660 was published for org.jenkins-ci.plugins:zanata (Maven) Oct 25, 2023
Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function... Moderate Unreviewed
CVE-2023-49994 was published Dec 12, 2023
Non-constant time webhook token comparison in Jenkins GitLab Branch Source Plugin Low
CVE-2024-23903 was published for io.jenkins.plugins:gitlab-branch-source (Maven) Jan 24, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an... Moderate Unreviewed
CVE-2023-50940 was published Feb 2, 2024
A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected... Low Unreviewed
CVE-2015-10129 was published Feb 4, 2024
A potential attacker with access to the Westermo Lynx device would be able to execute... Moderate Unreviewed
CVE-2023-45213 was published Feb 7, 2024
The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6... High Unreviewed
CVE-2024-4032 was published Jun 17, 2024
IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication... High Unreviewed
CVE-2024-39742 was published Jul 8, 2024
ServiceNow has addressed an input validation vulnerability that was identified in the Washington... Critical Unreviewed
CVE-2024-5217 was published Jul 10, 2024
Softaculous Webuzo contains an authentication bypass vulnerability through the password reset... Critical Unreviewed
CVE-2024-24621 was published Jul 26, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection... Moderate Unreviewed
CVE-2024-32862 was published Aug 2, 2024
Alpine allows Authentication Filter bypass Moderate
CVE-2022-23554 was published for us.springett:alpine (Maven) Aug 5, 2024
The WP Hardening – Fix Your WordPress Security plugin for WordPress is vulnerable to Security... Moderate Unreviewed
CVE-2024-6641 was published Sep 18, 2024
An Incorrect Comparison vulnerability in the local address verification API of Juniper Networks... Moderate Unreviewed
CVE-2024-39534 was published Oct 11, 2024
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's... Moderate Unreviewed
CVE-2024-9681 was published Nov 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database