GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,827 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon...
Moderate
Unreviewed
CVE-2024-38756
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment...
High
Unreviewed
CVE-2024-38747
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Maucher Send...
Moderate
Unreviewed
CVE-2024-38760
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A....
Moderate
Unreviewed
CVE-2024-38742
was published
Aug 13, 2024
In SAP Commerce, valid user accounts can be
identified during the customer registration and login...
Moderate
Unreviewed
CVE-2024-41733
was published
Aug 13, 2024
Under certain conditions SAP Permit to Work
allows an authenticated attacker to access...
Moderate
Unreviewed
CVE-2024-41736
was published
Aug 13, 2024
Some OCC API endpoints in SAP Commerce Cloud
allows Personally Identifiable Information (PII)...
High
Unreviewed
CVE-2024-33003
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability...
Moderate
Unreviewed
CVE-2024-37930
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wp2speed WP2Speed...
Moderate
Unreviewed
CVE-2024-37924
was published
Aug 13, 2024
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-7704
was published
Aug 12, 2024
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user...
High
Unreviewed
CVE-2024-7697
was published
Aug 12, 2024
The Linkify Text plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to...
Moderate
Unreviewed
CVE-2024-7382
was published
Aug 12, 2024
The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate
Unreviewed
CVE-2024-7414
was published
Aug 12, 2024
The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate
Unreviewed
CVE-2024-7410
was published
Aug 12, 2024
The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up...
Moderate
Unreviewed
CVE-2024-7416
was published
Aug 12, 2024
The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up...
Moderate
Unreviewed
CVE-2024-7413
was published
Aug 12, 2024
The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up...
Moderate
Unreviewed
CVE-2024-7412
was published
Aug 12, 2024
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full...
Moderate
Unreviewed
CVE-2024-6562
was published
Aug 12, 2024
Dorsett Controls InfoScan is vulnerable due to a leak of possible
sensitive information through...
Moderate
Unreviewed
CVE-2024-42493
was published
Aug 8, 2024
Dorsett Controls Central Server update server has potential information
leaks with an...
Moderate
Unreviewed
CVE-2024-39287
was published
Aug 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17...
Moderate
Unreviewed
CVE-2024-7554
was published
Aug 8, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6552
was published
Aug 8, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list...
Moderate
Unreviewed
CVE-2024-42222
was published
Aug 7, 2024
ProTip!
Advisories are also available from the
GraphQL API