Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,827 advisories

Loading
Tina search token leak via lock file in TinaCMS High
CVE-2024-45391 was published for @tinacms/cli (npm) Sep 3, 2024
kldavis4 mattsbennett
Hwameistor Potential Permission Leakage of Cluster Level Low
CVE-2024-45054 was published for github.com/hwameistor/hwameistor (Go) Aug 29, 2024
younaman
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability Moderate
CVE-2024-45043 was published for github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver (Go) Aug 29, 2024
DouglasHeriot Aneurysm9
arminru
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-3679 was published Aug 29, 2024
The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-2541 was published Aug 29, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6551 was published Aug 29, 2024
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for... Moderate Unreviewed
CVE-2024-7418 was published Aug 29, 2024
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server... Moderate Unreviewed
CVE-2021-22529 was published Aug 28, 2024
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in... Moderate Unreviewed
CVE-2024-6448 was published Aug 28, 2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are... Critical Unreviewed
CVE-2024-6633 was published Aug 27, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order... Moderate Unreviewed
CVE-2024-43259 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus... Moderate Unreviewed
CVE-2024-43258 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by... Moderate Unreviewed
CVE-2024-43264 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard -... Moderate Unreviewed
CVE-2024-43257 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro... Moderate Unreviewed
CVE-2024-43251 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File... Moderate Unreviewed
CVE-2024-43230 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This... Moderate Unreviewed
CVE-2024-43283 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo... High Unreviewed
CVE-2024-43289 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in bPlugins LLC Flash &... Moderate Unreviewed
CVE-2024-43319 was published Aug 26, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42337 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42338 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42339 was published Aug 25, 2024
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure... Moderate Unreviewed
CVE-2024-6499 was published Aug 24, 2024
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users Moderate
CVE-2024-8072 was published for mage-ai (pip) Aug 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenText Performance... Moderate Unreviewed
CVE-2022-26327 was published Aug 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database