GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
253,226 advisories
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF)....
Moderate | Unreviewed | CVE-2024-56470 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an...
Moderate | Unreviewed | CVE-2024-49792 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to...
Moderate | Unreviewed | CVE-2024-49794 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an...
Moderate | Unreviewed | CVE-2024-49793 was published Feb 6, 2025
IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated...
High | Unreviewed | CVE-2024-49814 was published Feb 6, 2025
IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker...
Critical | Unreviewed | CVE-2024-51450 was published Feb 6, 2025
A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to...
High | Unreviewed | CVE-2024-57084 was published Feb 6, 2025
A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows...
High | Unreviewed | CVE-2024-57064 was published Feb 6, 2025
A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a...
High | Unreviewed | CVE-2024-57065 was published Feb 6, 2025
SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote...
Critical | Unreviewed | CVE-2020-36084 was published Feb 6, 2025
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause...
High | Unreviewed | CVE-2024-57063 was published Feb 6, 2025
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the driver of the...
High | Unreviewed | CVE-2024-48394 was published Feb 6, 2025
A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager...
Moderate | Unreviewed | CVE-2024-54853 was published Feb 6, 2025
A prototype pollution in the lib.combine function of php-parser v3.2.1 allows attackers to cause...
High | Unreviewed | CVE-2024-57071 was published Feb 6, 2025
A prototype pollution in the lib function of expand-object v0.4.2 allows attackers to cause a...
High | Unreviewed | CVE-2024-57069 was published Feb 6, 2025
A prototype pollution in the lib.parse function of dot-qs v0.2.0 allows attackers to cause a...
High | Unreviewed | CVE-2024-57067 was published Feb 6, 2025
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is...
High | Unreviewed | CVE-2025-24312 was published Feb 5, 2025
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint...
High | Unreviewed | CVE-2025-22891 was published Feb 5, 2025
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing...
High | Unreviewed | CVE-2025-21087 was published Feb 5, 2025
When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can...
High | Unreviewed | CVE-2025-20058 was published Feb 5, 2025
When multiple server blocks are configured to share the same IP address and port, an attacker can...
Moderate | Unreviewed | CVE-2025-23419 was published Feb 5, 2025
When URL categorization is configured on a virtual server, undisclosed requests can cause TMM to...
High | Unreviewed | CVE-2025-24497 was published Feb 5, 2025
When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured,...
High | Unreviewed | CVE-2025-24326 was published Feb 5, 2025
When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP...
High | Unreviewed | CVE-2025-20045 was published Feb 5, 2025
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in...
High | Unreviewed | CVE-2025-21091 was published Feb 5, 2025
ProTip! Advisories are also available from the GraphQL API