GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,243
Composer 4,350
Erlang 31
GitHub Actions 22
Go 2,119
Maven 5,292
npm 3,771
NuGet 680
pip 3,459
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,728

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,962 advisories

Filter by severity

Sort by

Least recently updated

Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists... Moderate Unreviewed

CVE-2025-24845 was published Feb 6, 2025

Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition... Moderate Unreviewed

CVE-2025-22894 was published Feb 6, 2025

Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x... Moderate Unreviewed

CVE-2025-22890 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed

CVE-2024-49791 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an... Moderate Unreviewed

CVE-2024-38316 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2024-56471 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,... Moderate Unreviewed

CVE-2024-56473 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed

CVE-2024-49792 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed

CVE-2024-56472 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker... Moderate Unreviewed

CVE-2024-38318 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2024-56470 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed

CVE-2024-49795 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed

CVE-2024-49794 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This... Moderate Unreviewed

CVE-2024-38317 was published Feb 6, 2025

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the... Moderate Unreviewed

CVE-2024-49797 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed

CVE-2024-49793 was published Feb 6, 2025

IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed

CVE-2024-49796 was published Feb 6, 2025

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed... Moderate Unreviewed

CVE-2024-49798 was published Feb 6, 2025

IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an... Moderate Unreviewed

CVE-2024-49800 was published Feb 6, 2025

IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow... Moderate Unreviewed

CVE-2025-0799 was published Feb 6, 2025

The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is... Moderate Unreviewed

CVE-2025-0522 was published Feb 6, 2025

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in... Moderate Unreviewed

CVE-2024-57598 was published Feb 6, 2025

A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager... Moderate Unreviewed

CVE-2024-54853 was published Feb 6, 2025

When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed

CVE-2025-23419 was published Feb 5, 2025

When users log in through the webUI or API using local authentication, BIG-IP Next Central... Moderate Unreviewed

CVE-2025-23413 was published Feb 5, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

113,962 advisories