Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,225 advisories

Loading
IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2024-35134 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed
CVE-2024-35150 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-35111 was published Jan 25, 2025
IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting.... Moderate Unreviewed
CVE-2024-35145 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35112 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed
CVE-2024-35148 was published Jan 25, 2025
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the... Moderate Unreviewed
CVE-2024-35144 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38013 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38012 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38271 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38713 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38716 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38714 was published Jan 25, 2025
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is... Moderate Unreviewed
CVE-2025-0350 was published Jan 25, 2025
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-10552 was published Jan 25, 2025
The Broadstreet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘zone’... Moderate Unreviewed
CVE-2024-11825 was published Jan 25, 2025
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for... Moderate Unreviewed
CVE-2024-12113 was published Jan 25, 2025
The Target Video Easy Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-12076 was published Jan 25, 2025
The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12529 was published Jan 25, 2025
The Ask Me Anything (Anonymously) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12512 was published Jan 25, 2025
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-12826 was published Jan 25, 2025
The NOTICE BOARD BY TOWKIR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-12816 was published Jan 25, 2025
The Etsy Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12817 was published Jan 25, 2025
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for... Moderate Unreviewed
CVE-2024-13370 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database