Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,827 advisories

Loading
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an... Moderate Unreviewed
CVE-2023-46170 was published Mar 7, 2024
The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes... High Unreviewed
CVE-2024-46471 was published Sep 27, 2024
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote... High Unreviewed
CVE-2023-39620 was published Sep 8, 2023
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and... Moderate Unreviewed
CVE-2023-37484 was published Aug 8, 2023
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker... Moderate Unreviewed
CVE-2023-36926 was published Aug 8, 2023
In some configuration scenarios, the Domino server host name can be exposed. This information... Moderate Unreviewed
CVE-2023-28010 was published Sep 8, 2023
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8538 was published Sep 7, 2024
Maven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials Low
CVE-2024-47197 was published for org.apache.maven.plugins:maven-archetype-plugin (Maven) Sep 26, 2024
Temporary File Information Disclosure vulnerability in MPXJ Low
CVE-2022-41954 was published for mpxj (Maven) Nov 28, 2022
JLLeitschuh jkmartindale
This allows attackers to use a maliciously formed API request to gain access to an API... High Unreviewed
CVE-2024-1222 was published Mar 14, 2024
This vulnerability potentially allows unauthorized enumeration of information from the embedded... Moderate Unreviewed
CVE-2024-1223 was published Mar 14, 2024
gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property Moderate
CVE-2024-45040 was published for github.com/consensys/gnark (Go) Sep 6, 2024
maltezellic
SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2024-30922 was published Apr 18, 2024
An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain... High Unreviewed
CVE-2023-42387 was published Sep 18, 2023
Strapi's field level permissions not being respected in relationship title Moderate
CVE-2023-37263 was published for @strapi/plugin-content-manager (npm) Sep 13, 2023
Boegie19 derrickmehaffy
alexandrebodin
An information leak in kokoroe_members card Line 13.6.1 allows attackers to obtain the channel... Moderate Unreviewed
CVE-2023-39045 was published Sep 20, 2023
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were... High Unreviewed
CVE-2023-39677 was published Sep 20, 2023
Cros secrets may be disclosed to untrusted relay Moderate
CVE-2023-43617 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress... Moderate Unreviewed
CVE-2024-43237 was published Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-8516 was published Sep 25, 2024
Data security classification vulnerability in the DDMP module. Successful exploitation of this... High Unreviewed
CVE-2023-41293 was published Sep 25, 2023
An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure... Moderate Unreviewed
CVE-2023-38344 was published Sep 21, 2023
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions... Moderate Unreviewed
CVE-2024-8483 was published Sep 25, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed
CVE-2024-7426 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database