Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,180 advisories

Loading
A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This... Moderate Unreviewed
CVE-2025-0721 was published Jan 27, 2025
A vulnerability classified as critical was found in needyamin image_gallery 1.0. This... Moderate Unreviewed
CVE-2025-0722 was published Jan 27, 2025
A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as... Moderate Unreviewed
CVE-2025-0720 was published Jan 27, 2025
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local... Moderate Unreviewed
CVE-2023-50945 was published Jan 26, 2025
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that... Moderate Unreviewed
CVE-2023-50946 was published Jan 26, 2025
IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the... Moderate Unreviewed
CVE-2023-38009 was published Jan 26, 2025
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified... Moderate Unreviewed
CVE-2017-20196 was published Jan 26, 2025
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain... Moderate Unreviewed
CVE-2024-37070 was published Nov 19, 2024
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read... Moderate Unreviewed
CVE-2024-31906 was published Jan 26, 2025
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13505 was published Jan 26, 2025
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12334 was published Jan 26, 2025
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-11090 was published Jan 26, 2025
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-10705 was published Jan 26, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to Reflected... Moderate Unreviewed
CVE-2024-10636 was published Jan 26, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-21502 was published Jan 21, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-35113 was published Jan 25, 2025
IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2024-35134 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed
CVE-2024-35150 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-35111 was published Jan 25, 2025
IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting.... Moderate Unreviewed
CVE-2024-35145 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35112 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed
CVE-2024-35148 was published Jan 25, 2025
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the... Moderate Unreviewed
CVE-2024-35144 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38713 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database