Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,827 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon... Moderate Unreviewed
CVE-2024-38756 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment... High Unreviewed
CVE-2024-38747 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Maucher Send... Moderate Unreviewed
CVE-2024-38760 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A.... Moderate Unreviewed
CVE-2024-38742 was published Aug 13, 2024
In SAP Commerce, valid user accounts can be identified during the customer registration and login... Moderate Unreviewed
CVE-2024-41733 was published Aug 13, 2024
Under certain conditions SAP Permit to Work allows an authenticated attacker to access... Moderate Unreviewed
CVE-2024-41736 was published Aug 13, 2024
Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII)... High Unreviewed
CVE-2024-33003 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability... Moderate Unreviewed
CVE-2024-37930 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wp2speed WP2Speed... Moderate Unreviewed
CVE-2024-37924 was published Aug 13, 2024
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected... Moderate Unreviewed
CVE-2024-7704 was published Aug 12, 2024
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user... High Unreviewed
CVE-2024-7697 was published Aug 12, 2024
The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to... Moderate Unreviewed
CVE-2024-7382 was published Aug 12, 2024
The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-7414 was published Aug 12, 2024
The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-7410 was published Aug 12, 2024
The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up... Moderate Unreviewed
CVE-2024-7416 was published Aug 12, 2024
The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up... Moderate Unreviewed
CVE-2024-7413 was published Aug 12, 2024
The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up... Moderate Unreviewed
CVE-2024-7412 was published Aug 12, 2024
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6562 was published Aug 12, 2024
Microsoft Office Spoofing Vulnerability High Unreviewed
CVE-2024-38200 was published Aug 12, 2024
Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through... Moderate Unreviewed
CVE-2024-42493 was published Aug 8, 2024
Dorsett Controls Central Server update server has potential information leaks with an... Moderate Unreviewed
CVE-2024-39287 was published Aug 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17... Moderate Unreviewed
CVE-2024-7554 was published Aug 8, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-6552 was published Aug 8, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list... Moderate Unreviewed
CVE-2024-42222 was published Aug 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database