GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105,672 advisories
Filter by severity
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A...
Moderate
Unreviewed
CVE-2024-41997
was published
Oct 14, 2024
An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker...
Moderate
Unreviewed
CVE-2024-48795
was published
Oct 14, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in...
Moderate
Unreviewed
CVE-2024-48744
was published
Oct 16, 2024
Memory corruption is possible when an attempt is made from userspace or console to write some...
Moderate
Unreviewed
CVE-2024-23374
was published
Oct 7, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not...
Moderate
Unreviewed
CVE-2023-45698
was published
Feb 10, 2024
A cross-site scripting (XSS) vulnerability in the component /admin.php?page=album of Piwigo v14.5...
Moderate
Unreviewed
CVE-2024-46605
was published
Oct 16, 2024
An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-48790
was published
Oct 14, 2024
In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name...
Moderate
Unreviewed
CVE-2024-48710
was published
Oct 15, 2024
In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name...
Moderate
Unreviewed
CVE-2024-48713
was published
Oct 15, 2024
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate
Unreviewed
CVE-2024-46237
was published
Oct 9, 2024
The login form /Login in ECi Printanista Hub (formerly FMAudit Printscout) through 2022-06-27...
Moderate
Unreviewed
CVE-2022-40306
was published
Sep 16, 2022
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20463
was published
Oct 16, 2024
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could...
Moderate
Unreviewed
CVE-2024-20461
was published
Oct 16, 2024
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management...
Moderate
Unreviewed
CVE-2024-20512
was published
Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection ...
Moderate
Unreviewed
CVE-2024-45072
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4184
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4189
was published
Oct 16, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This...
Moderate
Unreviewed
CVE-2024-45071
was published
Oct 16, 2024
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application...
Moderate
Unreviewed
CVE-2024-4690
was published
Oct 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-49265
was published
Oct 16, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series...
Moderate
Unreviewed
CVE-2024-20459
was published
Oct 16, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform...
Moderate
Unreviewed
CVE-2024-20462
was published
Oct 16, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20460
was published
Oct 16, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20420
was published
Oct 16, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with...
Moderate
Unreviewed
CVE-2024-20280
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API