GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,831 advisories
Filter by severity
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker...
Low
Unreviewed
CVE-2024-47486
was published
Oct 18, 2024
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier...
Low
Unreviewed
CVE-2024-46897
was published
Oct 18, 2024
Insufficient verification of data authenticity in
the configuration state machine may allow a...
Low
Unreviewed
CVE-2023-20570
was published
Feb 13, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2024-43686
was published
Oct 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2024-43687
was published
Oct 4, 2024
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application...
Low
Unreviewed
CVE-2024-4211
was published
Oct 16, 2024
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application...
Low
Unreviewed
CVE-2024-4692
was published
Oct 16, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21211
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services...
Low
Unreviewed
CVE-2024-21232
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). ...
Low
Unreviewed
CVE-2024-21231
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication...
Low
Unreviewed
CVE-2024-21237
was published
Oct 15, 2024
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ...
Low
Unreviewed
CVE-2024-21247
was published
Oct 15, 2024
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that...
Low
Unreviewed
CVE-2024-21242
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). ...
Low
Unreviewed
CVE-2024-21244
was published
Oct 15, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). ...
Low
Unreviewed
CVE-2024-21243
was published
Oct 15, 2024
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
Low
Unreviewed
CVE-2024-21251
was published
Oct 15, 2024
Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and...
Low
Unreviewed
CVE-2024-21257
was published
Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21208
was published
Oct 15, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Low
Unreviewed
CVE-2024-21253
was published
Oct 15, 2024
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are...
Low
Unreviewed
CVE-2024-21210
was published
Oct 15, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21217
was published
Oct 15, 2024
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ...
Low
Unreviewed
CVE-2024-21209
was published
Oct 15, 2024
Improper regular expression in Vue's parseHTML function leads to a potential regular expression...
Low
Unreviewed
CVE-2024-9506
was published
Oct 15, 2024
Sensitive information manipulation due to improper authorization. The following products are...
Low
Unreviewed
CVE-2024-49388
was published
Oct 15, 2024
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address....
Low
Unreviewed
CVE-2024-49384
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API