GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,378 advisories
Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a...
High | Unreviewed | CVE-2024-45624 was published Sep 12, 2024

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before...
High | Unreviewed | CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
High | Unreviewed | CVE-2023-37232 was published Sep 10, 2024

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows...
High | Unreviewed | CVE-2024-44408 was published Sep 6, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo...
High | Unreviewed | CVE-2024-43289 was published Aug 26, 2024

An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The...
High | Unreviewed | CVE-2024-39344 was published Aug 21, 2024

Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
High | Unreviewed | CVE-2024-41700 was published Aug 20, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain...
High | Unreviewed | CVE-2024-42657 was published Aug 19, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain...
High | Unreviewed | CVE-2024-42658 was published Aug 19, 2024

A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux....
High | Unreviewed | CVE-2024-27120 was published Aug 14, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment...
High | Unreviewed | CVE-2024-38747 was published Aug 13, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and...
High | Unreviewed | CVE-2024-38787 was published Aug 13, 2024

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII)...
High | Unreviewed | CVE-2024-33003 was published Aug 13, 2024

Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user...
High | Unreviewed | CVE-2024-7697 was published Aug 12, 2024

CloudStack account-users by default use username and password based authentication for API and UI...
High | Unreviewed | CVE-2024-42062 was published Aug 7, 2024

mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters...
High | Unreviewed | CVE-2024-42010 was published Aug 5, 2024

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable...
High | Unreviewed | CVE-2024-6331 was published Aug 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr...
High | Unreviewed | CVE-2024-38761 was published Aug 2, 2024

Priority PRI WEB Portal Add-On for Priority ERP on prem - CWE-200: Exposure of Sensitive...
High | Unreviewed | CVE-2024-41696 was published Jul 30, 2024

A validated user not explicitly authorized to have access to certain sensitive information could...
High | Unreviewed | CVE-2023-40159 was published Jul 18, 2024

Gotenberg provides a developer-friendly API to interact with powerful tools like Chromium and...
High | Unreviewed | CVE-2024-40639 was published Jul 17, 2024

Vulnerability in the Oracle Process Manufacturing Financials product of Oracle E-Business Suite ...
High | Unreviewed | CVE-2024-21152 was published Jul 17, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2024-21147 was published Jul 17, 2024

Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The...
High | Unreviewed | CVE-2022-45449 was published Jul 16, 2024
ProTip! Advisories are also available from the GraphQL API.