Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,167 advisories

Loading
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-21502 was published Jan 21, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed
CVE-2024-35114 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38713 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38714 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-35113 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38716 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35112 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed
CVE-2024-35150 was published Jan 25, 2025
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the... Moderate Unreviewed
CVE-2024-35144 was published Jan 25, 2025
IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting.... Moderate Unreviewed
CVE-2024-35145 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed
CVE-2024-35148 was published Jan 25, 2025
IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2024-35134 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-35111 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38012 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38013 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed
CVE-2023-38271 was published Jan 25, 2025
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is... Moderate Unreviewed
CVE-2025-0350 was published Jan 25, 2025
The ABC Notation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-13551 was published Jan 25, 2025
The Masy Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-13586 was published Jan 25, 2025
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2024-12826 was published Jan 25, 2025
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for... Moderate Unreviewed
CVE-2024-13368 was published Jan 25, 2025
The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-13467 was published Jan 25, 2025
The Etsy Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12817 was published Jan 25, 2025
The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13548 was published Jan 25, 2025
The Ask Me Anything (Anonymously) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12512 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database