Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,492 advisories

Loading
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported... Unknown Unreviewed
CVE-2024-5535 was published Jun 27, 2024
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5,... Moderate Unreviewed
CVE-2024-3115 was published Jun 27, 2024
Exposure of secrets through system log in Jenkins Structs Plugin Low
CVE-2024-39458 was published for org.jenkins-ci.plugins:structs (Maven) Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController... High Unreviewed
CVE-2024-5010 was published Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A... Low Unreviewed
CVE-2024-6294 was published Jun 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP... Moderate Unreviewed
CVE-2024-35776 was published Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event... Moderate Unreviewed
CVE-2024-5059 was published Jun 21, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec Moderate
CVE-2024-22032 was published for github.com/rancher/rancher (Go) Jun 17, 2024
Lobe Chat API Key Leak Moderate
CVE-2024-37895 was published for @lobehub/chat (npm) Jun 17, 2024
zhuozhiyongde
Vulnerability of insufficient permission verification in the NearLink module Impact: Successful... Moderate Unreviewed
CVE-2024-5464 was published Jun 14, 2024
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information... Moderate Unreviewed
CVE-2024-0093 was published Jun 14, 2024
Cilium leaks sensitive information in cilium-bugtool High
CVE-2024-37307 was published for github.com/cilium/cilium (Go) Jun 13, 2024
sayboras
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure... High Unreviewed
CVE-2024-30472 was published Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed
CVE-2024-30300 was published Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions Moderate
CVE-2024-23445 was published for org.elasticsearch:elasticsearch (Maven) Jun 12, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-35263 was published Jun 11, 2024
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37325 was published Jun 11, 2024
Windows Cryptographic Services Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30096 was published Jun 11, 2024
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with... Moderate Unreviewed
CVE-2024-5813 was published Jun 11, 2024
This allows the information exposure to unauthorized users. This issue affects NetIQ Access... Moderate Unreviewed
CVE-2020-11843 was published Jun 11, 2024
On Unix, SAP BusinessObjects Business Intelligence Platform (Scheduling) allows an authenticated... Low Unreviewed
CVE-2024-34684 was published Jun 11, 2024
SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non... Moderate Unreviewed
CVE-2024-28164 was published Jun 11, 2024
Docker CLI leaks private registry credentials to registry-1.docker.io Moderate
CVE-2021-41092 was published for github.com/docker/cli (Go) Jun 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter... Moderate Unreviewed
CVE-2024-35682 was published Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC... Moderate Unreviewed
CVE-2024-35691 was published Jun 8, 2024
ProTip! Advisories are also available from the GraphQL API