GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,489 advisories
Filter by severity
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController...
High
Unreviewed
CVE-2024-5010
was published
Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low
Unreviewed
CVE-2024-6294
was published
Jun 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP...
Moderate
Unreviewed
CVE-2024-35776
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event...
Moderate
Unreviewed
CVE-2024-5059
was published
Jun 21, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
Moderate
CVE-2024-22032
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-5464
was published
Jun 14, 2024
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information...
Moderate
Unreviewed
CVE-2024-0093
was published
Jun 14, 2024
Cilium leaks sensitive information in cilium-bugtool
High
CVE-2024-37307
was published
for
github.com/cilium/cilium
(Go)
Jun 13, 2024
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure...
High
Unreviewed
CVE-2024-30472
was published
Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
Moderate
CVE-2024-23445
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 12, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-35263
was published
Jun 11, 2024
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37325
was published
Jun 11, 2024
Windows Cryptographic Services Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30096
was published
Jun 11, 2024
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with...
Moderate
Unreviewed
CVE-2024-5813
was published
Jun 11, 2024
This allows the information exposure to unauthorized users. This issue affects NetIQ Access...
Moderate
Unreviewed
CVE-2020-11843
was published
Jun 11, 2024
On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated...
Low
Unreviewed
CVE-2024-34684
was published
Jun 11, 2024
SAP NetWeaver AS Java (CAF - Guided Procedures)
allows an unauthenticated user to access non...
Moderate
Unreviewed
CVE-2024-28164
was published
Jun 11, 2024
Docker CLI leaks private registry credentials to registry-1.docker.io
Moderate
CVE-2021-41092
was published
for
github.com/docker/cli
(Go)
Jun 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter...
Moderate
Unreviewed
CVE-2024-35682
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC...
Moderate
Unreviewed
CVE-2024-35691
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web...
Moderate
Unreviewed
CVE-2024-35710
was published
Jun 8, 2024
Adminer file disclosure vulnerability
High
GHSA-97h7-mf38-g9mf
was published
for
vrana/adminer
(Composer)
Jun 7, 2024
Zend-developer-tools information disclosure vulnerability
Moderate
GHSA-qg7m-mwxm-j3h7
was published
for
zendframework/zend-developer-tools
(Composer)
Jun 7, 2024
ProTip!
Advisories are also available from the
GraphQL API