GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,827 advisories
Filter by severity
Tina search token leak via lock file in TinaCMS
High
CVE-2024-45391
was published
for
@tinacms/cli
(npm)
Sep 3, 2024
Hwameistor Potential Permission Leakage of Cluster Level
Low
CVE-2024-45054
was published
for
github.com/hwameistor/hwameistor
(Go)
Aug 29, 2024
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability
Moderate
CVE-2024-45043
was published
for
github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
(Go)
Aug 29, 2024
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-3679
was published
Aug 29, 2024
The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-2541
was published
Aug 29, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full...
Moderate
Unreviewed
CVE-2024-6551
was published
Aug 29, 2024
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for...
Moderate
Unreviewed
CVE-2024-7418
was published
Aug 29, 2024
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server...
Moderate
Unreviewed
CVE-2021-22529
was published
Aug 28, 2024
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in...
Moderate
Unreviewed
CVE-2024-6448
was published
Aug 28, 2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are...
Critical
Unreviewed
CVE-2024-6633
was published
Aug 27, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order...
Moderate
Unreviewed
CVE-2024-43259
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus...
Moderate
Unreviewed
CVE-2024-43258
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by...
Moderate
Unreviewed
CVE-2024-43264
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard -...
Moderate
Unreviewed
CVE-2024-43257
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro...
Moderate
Unreviewed
CVE-2024-43251
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File...
Moderate
Unreviewed
CVE-2024-43230
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This...
Moderate
Unreviewed
CVE-2024-43283
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo...
High
Unreviewed
CVE-2024-43289
was published
Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in bPlugins LLC Flash &...
Moderate
Unreviewed
CVE-2024-43319
was published
Aug 26, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Moderate
Unreviewed
CVE-2024-42337
was published
Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Moderate
Unreviewed
CVE-2024-42338
was published
Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
Moderate
Unreviewed
CVE-2024-42339
was published
Aug 25, 2024
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure...
Moderate
Unreviewed
CVE-2024-6499
was published
Aug 24, 2024
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Moderate
CVE-2024-8072
was published
for
mage-ai
(pip)
Aug 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenText Performance...
Moderate
Unreviewed
CVE-2022-26327
was published
Aug 21, 2024
ProTip!
Advisories are also available from the
GraphQL API