GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
193 advisories
Filter by severity
DIRAC's TokenManager does not check permissions on cached tokens
Critical
CVE-2024-24825
was published
for
DIRAC
(pip)
Feb 8, 2024
** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file...
Critical
Unreviewed
CVE-2021-45420
was published
Feb 15, 2022
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext...
Critical
Unreviewed
CVE-2018-20839
was published
May 24, 2022
HPE has identified a vulnerability in HPE 3PAR Service Processor (SP) version 4.1 through 4.4....
Critical
Unreviewed
CVE-2019-11991
was published
May 24, 2022
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a...
Critical
Unreviewed
CVE-2019-15859
was published
May 24, 2022
SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM...
Critical
Unreviewed
CVE-2023-32113
was published
May 9, 2023
Vulnerability of incomplete read and write permission verification in the GPU module. Successful...
Critical
Unreviewed
CVE-2021-46891
was published
Jul 5, 2023
Key management vulnerability on system. Successful exploitation of this vulnerability may affect...
Critical
Unreviewed
CVE-2023-3455
was published
Jul 5, 2023
Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability...
Critical
Unreviewed
CVE-2022-48510
was published
Jul 6, 2023
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform ...
Critical
Unreviewed
CVE-2023-28765
was published
Jul 6, 2023
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which...
Critical
Unreviewed
CVE-2023-0925
was published
Sep 6, 2023
Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to...
Critical
Unreviewed
CVE-2023-5642
was published
Oct 18, 2023
The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive...
Critical
Unreviewed
CVE-2023-5576
was published
Oct 20, 2023
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (...
Critical
Unreviewed
CVE-2022-32221
was published
Dec 6, 2022
By knowing an organization's ID, an attacker can join the organization without permission and...
Critical
Unreviewed
CVE-2024-1643
was published
Apr 10, 2024
Credential leak in org.apache.directory.api:apache-ldap-api
Critical
CVE-2018-1337
was published
for
org.apache.directory.api:apache-ldap-api
(Maven)
Nov 9, 2018
A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2.3.1 and v2.3.0a exposes...
Critical
Unreviewed
CVE-2024-4173
was published
Apr 25, 2024
An exposure of sensitive information vulnerability has been reported to affect Media Streaming...
Critical
Unreviewed
CVE-2023-47222
was published
Apr 26, 2024
E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remote...
Critical
Unreviewed
CVE-2024-4300
was published
Apr 29, 2024
salt password information leaked in debug logs
Critical
CVE-2015-6941
was published
for
salt
(pip)
May 17, 2022
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4008
was published
Jun 5, 2024
In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure...
Critical
Unreviewed
CVE-2024-5133
was published
Jun 6, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
Critical
Unreviewed
CVE-2024-37113
was published
Jul 10, 2024
CWE-200: Information Exposure vulnerability exists that could cause disclosure of
credentials...
Critical
Unreviewed
CVE-2024-6407
was published
Jul 11, 2024
ProTip!
Advisories are also available from the
GraphQL API