GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,827 advisories
Filter by severity
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes...
High
Unreviewed
CVE-2024-46471
was published
Sep 27, 2024
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
High
Unreviewed
CVE-2023-39620
was published
Sep 8, 2023
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate
Unreviewed
CVE-2023-36926
was published
Aug 8, 2023
In some configuration scenarios, the Domino server host name can be exposed. This information...
Moderate
Unreviewed
CVE-2023-28010
was published
Sep 8, 2023
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8538
was published
Sep 7, 2024
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
Low
CVE-2024-47197
was published
for
org.apache.maven.plugins:maven-archetype-plugin
(Maven)
Sep 26, 2024
Temporary File Information Disclosure vulnerability in MPXJ
Low
CVE-2022-41954
was published
for
mpxj
(Maven)
Nov 28, 2022
This allows attackers to use a maliciously formed API request to gain access to an API...
High
Unreviewed
CVE-2024-1222
was published
Mar 14, 2024
This vulnerability potentially allows unauthorized enumeration of information from the embedded...
Moderate
Unreviewed
CVE-2024-1223
was published
Mar 14, 2024
gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property
Moderate
CVE-2024-45040
was published
for
github.com/consensys/gnark
(Go)
Sep 6, 2024
SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-30922
was published
Apr 18, 2024
An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2023-42387
was published
Sep 18, 2023
Strapi's field level permissions not being respected in relationship title
Moderate
CVE-2023-37263
was published
for
@strapi/plugin-content-manager
(npm)
Sep 13, 2023
An information leak in kokoroe_members card Line 13.6.1 allows attackers to obtain the channel...
Moderate
Unreviewed
CVE-2023-39045
was published
Sep 20, 2023
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were...
High
Unreviewed
CVE-2023-39677
was published
Sep 20, 2023
Cros secrets may be disclosed to untrusted relay
Moderate
CVE-2023-43617
was published
for
github.com/schollz/croc/v9
(Go)
Sep 20, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress...
Moderate
Unreviewed
CVE-2024-43237
was published
Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-8516
was published
Sep 25, 2024
Data security classification vulnerability in the DDMP module. Successful exploitation of this...
High
Unreviewed
CVE-2023-41293
was published
Sep 25, 2023
An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure...
Moderate
Unreviewed
CVE-2023-38344
was published
Sep 21, 2023
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions...
Moderate
Unreviewed
CVE-2024-8483
was published
Sep 25, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for...
Moderate
Unreviewed
CVE-2024-7426
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API