GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
7,873 advisories
Filter by severity
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates,...
Moderate
Unreviewed
CVE-2024-46548
was published
Sep 30, 2024
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions...
Moderate
Unreviewed
CVE-2024-6544
was published
Sep 13, 2024
The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate
Unreviewed
CVE-2024-7415
was published
Sep 6, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for...
Moderate
Unreviewed
CVE-2024-7426
was published
Sep 25, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Low
Unreviewed
CVE-2023-5359
was published
Sep 25, 2024
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,...
Critical
Unreviewed
CVE-2023-40622
was published
Sep 13, 2023
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular...
Moderate
Unreviewed
CVE-2023-39440
was published
Aug 8, 2023
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to...
Moderate
Unreviewed
CVE-2024-25645
was published
Mar 12, 2024
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High
Unreviewed
CVE-2024-25646
was published
Apr 9, 2024
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep...
Moderate
Unreviewed
CVE-2023-37487
was published
Aug 8, 2023
The Statutory Reporting application has a vulnerable file storage location, potentially enabling...
Moderate
Unreviewed
CVE-2023-42475
was published
Oct 10, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High
Unreviewed
CVE-2023-49580
was published
Dec 12, 2023
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD...
High
Unreviewed
CVE-2023-37486
was published
Aug 8, 2023
SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an...
Moderate
Unreviewed
CVE-2023-39436
was published
Aug 8, 2023
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL...
Moderate
Unreviewed
CVE-2024-24740
was published
Feb 13, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access...
Moderate
Unreviewed
CVE-2024-25644
was published
Mar 12, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions...
Moderate
Unreviewed
CVE-2024-28163
was published
Mar 12, 2024
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High
Unreviewed
CVE-2023-39214
was published
Aug 9, 2023
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an...
Moderate
Unreviewed
CVE-2023-46170
was published
Mar 7, 2024
The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes...
High
Unreviewed
CVE-2024-46471
was published
Sep 27, 2024
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
High
Unreviewed
CVE-2023-39620
was published
Sep 8, 2023
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate
Unreviewed
CVE-2023-36926
was published
Aug 8, 2023
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8538
was published
Sep 7, 2024
In some configuration scenarios, the Domino server host name can be exposed. This information...
Moderate
Unreviewed
CVE-2023-28010
was published
Sep 8, 2023
ProTip!
Advisories are also available from the
GraphQL API