Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

33 advisories

Loading
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs.... Critical Unreviewed
CVE-2023-46321 was published Oct 23, 2023
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The... Critical Unreviewed
CVE-2023-46322 was published Oct 23, 2023
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-8297 was published Aug 29, 2024
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f.... Moderate Unreviewed
CVE-2024-8334 was published Aug 30, 2024
Improper output Neutralization for Logs (CWE-117) in the Command Centre API Diagnostics Endpoint... Low Unreviewed
CVE-2024-23194 was published Jul 11, 2024
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly... Moderate Unreviewed
CVE-2024-31845 was published May 21, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.2 is vulnerable to injection... High Unreviewed
CVE-2024-25047 was published May 2, 2024
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can... Critical Unreviewed
CVE-2024-0095 was published Jun 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in... Moderate Unreviewed
CVE-2023-28952 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs... Moderate Unreviewed
CVE-2023-39461 was published May 3, 2024
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in... Moderate Unreviewed
CVE-2023-4065 was published Sep 27, 2023
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to... High Unreviewed
CVE-2023-36925 was published Jul 11, 2023
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603,... Moderate Unreviewed
CVE-2023-36924 was published Jul 11, 2023
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an... Moderate Unreviewed
CVE-2023-31405 was published Jul 11, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an attacker can use a specially... Low Unreviewed
CVE-2023-32712 was published Jun 1, 2023
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that... Moderate Unreviewed
CVE-2023-1711 was published May 30, 2023
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM... Moderate Unreviewed
CVE-2024-22356 was published Mar 26, 2024
In Splunk IT Service Intelligence (ITSI) versions below 4.13.3 or 4.15.3, a malicious actor can... High Unreviewed
CVE-2023-4571 was published Aug 30, 2023
A vulnerability classified as critical has been found in Sichuan Yougou Technology KuERP up to 1... Moderate Unreviewed
CVE-2024-0987 was published Jan 29, 2024
Dell Unity, versions prior to 5.4, contain a vulnerability whereby log messages can be spoofed... Low Unreviewed
CVE-2024-22229 was published Jan 24, 2024
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate... Moderate Unreviewed
CVE-2023-38020 was published Feb 2, 2024
Sending specially crafted commands to a MongoDB Server may result in artificial log entries being... Moderate Unreviewed
CVE-2021-20333 was published May 24, 2022
OPCUAServerToolkit will write a log message once an OPC UA client has successfully connected... Moderate Unreviewed
CVE-2023-7234 was published Jan 16, 2024
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability... High Unreviewed
CVE-2023-3997 was published Jul 31, 2023
An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7... Moderate Unreviewed
CVE-2023-46713 was published Dec 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database