GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
124 advisories
kurwov vulnerable to Denial of Service due to improper data sanitization
Moderate
CVE-2024-34075
was published
for
kurwov
(npm)
May 3, 2024
Gadget chain in Symfony 1 due to uncontrolled unserialized input in sfNamespacedParameterHolder
Moderate
CVE-2024-28861
was published
for
friendsofsymfony1/symfony1
(Composer)
Mar 22, 2024
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Moderate
CVE-2024-29032
was published
for
qiskit-ibm-runtime
(pip)
Mar 20, 2024
Gadget chain in Symfony 1 due to vulnerable Swift Mailer dependency
Moderate
CVE-2024-28859
was published
for
friendsofsymfony1/swiftmailer
(Composer)
Mar 18, 2024
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Moderate
CVE-2023-51518
was published
for
org.apache.james:james-server
(Maven)
Feb 27, 2024
ProTip!
Advisories are also available from the
GraphQL API