GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,536

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,167 advisories

Filter by severity

Sort by

Least recently updated

IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed

CVE-2023-38012 was published Jan 25, 2025

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due... Moderate Unreviewed

CVE-2024-35114 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed

CVE-2023-38713 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed

CVE-2023-38714 was published Jan 25, 2025

IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed

CVE-2024-35113 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed

CVE-2023-38716 was published Jan 25, 2025

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-35112 was published Jan 25, 2025

IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed

CVE-2024-35150 was published Jan 25, 2025

IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the... Moderate Unreviewed

CVE-2024-35144 was published Jan 25, 2025

IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting.... Moderate Unreviewed

CVE-2024-35145 was published Jan 25, 2025

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed

CVE-2024-35148 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed

CVE-2023-38013 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2... Moderate Unreviewed

CVE-2023-38271 was published Jan 25, 2025

IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed

CVE-2024-35134 was published Jan 25, 2025

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2024-35111 was published Jan 25, 2025

The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is... Moderate Unreviewed

CVE-2025-0350 was published Jan 25, 2025

The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-13548 was published Jan 25, 2025

The Ask Me Anything (Anonymously) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-12512 was published Jan 25, 2025

The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-12529 was published Jan 25, 2025

The Masy Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-13586 was published Jan 25, 2025

The Target Video Easy Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12076 was published Jan 25, 2025

The NOTICE BOARD BY TOWKIR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-12816 was published Jan 25, 2025

The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed

CVE-2024-13550 was published Jan 25, 2025

The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10552 was published Jan 25, 2025

The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory... Moderate Unreviewed

CVE-2024-12885 was published Jan 25, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

113,167 advisories