GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,492 advisories
Filter by severity
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an
empty supported...
Unknown
Unreviewed
CVE-2024-5535
was published
Jun 27, 2024
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5,...
Moderate
Unreviewed
CVE-2024-3115
was published
Jun 27, 2024
Exposure of secrets through system log in Jenkins Structs Plugin
Low
CVE-2024-39458
was published
for
org.jenkins-ci.plugins:structs
(Maven)
Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController...
High
Unreviewed
CVE-2024-5010
was published
Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low
Unreviewed
CVE-2024-6294
was published
Jun 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP...
Moderate
Unreviewed
CVE-2024-35776
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event...
Moderate
Unreviewed
CVE-2024-5059
was published
Jun 21, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
Moderate
CVE-2024-22032
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-5464
was published
Jun 14, 2024
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information...
Moderate
Unreviewed
CVE-2024-0093
was published
Jun 14, 2024
Cilium leaks sensitive information in cilium-bugtool
High
CVE-2024-37307
was published
for
github.com/cilium/cilium
(Go)
Jun 13, 2024
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure...
High
Unreviewed
CVE-2024-30472
was published
Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
Moderate
CVE-2024-23445
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 12, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-35263
was published
Jun 11, 2024
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37325
was published
Jun 11, 2024
Windows Cryptographic Services Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30096
was published
Jun 11, 2024
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with...
Moderate
Unreviewed
CVE-2024-5813
was published
Jun 11, 2024
This allows the information exposure to unauthorized users. This issue affects NetIQ Access...
Moderate
Unreviewed
CVE-2020-11843
was published
Jun 11, 2024
On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated...
Low
Unreviewed
CVE-2024-34684
was published
Jun 11, 2024
SAP NetWeaver AS Java (CAF - Guided Procedures)
allows an unauthenticated user to access non...
Moderate
Unreviewed
CVE-2024-28164
was published
Jun 11, 2024
Docker CLI leaks private registry credentials to registry-1.docker.io
Moderate
CVE-2021-41092
was published
for
github.com/docker/cli
(Go)
Jun 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter...
Moderate
Unreviewed
CVE-2024-35682
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC...
Moderate
Unreviewed
CVE-2024-35691
was published
Jun 8, 2024
ProTip!
Advisories are also available from the
GraphQL API