Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

122,412 advisories

Loading
Opening a malicious website while running a Nuxt dev server could allow read-only access to code Moderate
CVE-2025-24361 was published for @nuxt/rspack-builder (npm) Jan 27, 2025
sapphi-red
Opening a malicious website while running a Nuxt dev server could allow read-only access to code Moderate
CVE-2025-24360 was published for @nuxt/vite-builder (npm) Jan 27, 2025
sapphi-red
Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)... Moderate Unreviewed
CVE-2025-24389 was published Jan 27, 2025
A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking... Moderate Unreviewed
CVE-2025-24390 was published Jan 27, 2025
A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response... Moderate Unreviewed
CVE-2024-43445 was published Jan 27, 2025
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does... Moderate Unreviewed
CVE-2024-28770 was published Jan 27, 2025
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does... Moderate Unreviewed
CVE-2024-28771 was published Jan 27, 2025
IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site... Moderate Unreviewed
CVE-2023-46187 was published Jan 27, 2025
A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This... Moderate Unreviewed
CVE-2025-0721 was published Jan 27, 2025
A vulnerability classified as critical was found in needyamin image_gallery 1.0. This... Moderate Unreviewed
CVE-2025-0722 was published Jan 27, 2025
A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as... Moderate Unreviewed
CVE-2025-0720 was published Jan 27, 2025
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local... Moderate Unreviewed
CVE-2023-50945 was published Jan 26, 2025
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified... Moderate Unreviewed
CVE-2017-20196 was published Jan 26, 2025
IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that... Moderate Unreviewed
CVE-2023-50946 was published Jan 26, 2025
IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the... Moderate Unreviewed
CVE-2023-38009 was published Jan 26, 2025
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read... Moderate Unreviewed
CVE-2024-31906 was published Jan 26, 2025
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13505 was published Jan 26, 2025
The WC Affiliate – A Complete WooCommerce Affiliate Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12334 was published Jan 26, 2025
The Membership Plugin – Restrict Content plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-11090 was published Jan 26, 2025
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-10705 was published Jan 26, 2025
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to Reflected... Moderate Unreviewed
CVE-2024-10636 was published Jan 26, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive... Moderate Unreviewed
CVE-2024-35113 was published Jan 25, 2025
IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when... Moderate Unreviewed
CVE-2024-35134 was published Jan 25, 2025
IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not... Moderate Unreviewed
CVE-2024-35150 was published Jan 25, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-35111 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database