Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,873 advisories

Loading
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0,... High Unreviewed
CVE-2024-21685 was published Jun 18, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec High
CVE-2024-22032 was published for github.com/rancher/rancher (Go) Jun 17, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information... High Unreviewed
CVE-2024-38467 was published Jun 16, 2024
Cilium leaks sensitive information in cilium-bugtool High
CVE-2024-37307 was published for github.com/cilium/cilium (Go) Jun 13, 2024
sayboras
Credited to sayboras
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure... High Unreviewed
CVE-2024-30472 was published Jun 13, 2024
Keycloak's admin API allows low privilege users to use administrative functions High
CVE-2024-3656 was published for org.keycloak:keycloak-services (Maven) Jun 11, 2024
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37325 was published Jun 11, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) High
CVE-2024-4540 was published for org.keycloak:keycloak-services (Maven) Jun 10, 2024
mschallar
Credited to mschallar
Adminer file disclosure vulnerability High
GHSA-97h7-mf38-g9mf was published for vrana/adminer (Composer) Jun 7, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
Jupyter server on Windows discloses Windows user password hash High
CVE-2024-35178 was published for jupyter_server (pip) Jun 6, 2024
nvn1729
Credited to nvn1729
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech... High Unreviewed
CVE-2024-1662 was published Jun 5, 2024
Duplicate Advisory: Keycloak exposes sensitive information in Pushed Authorization Requests (PAR) High
GHSA-4vrx-8phj-x3mg was published for org.keycloak:keycloak-services (Maven) Jun 3, 2024 withdrawn
Moodle Authenticated LFI risk in some misconfigured shared hosting environments High
CVE-2024-34005 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Credited to AnonySE26
Moodle Authenticated LFI risk in some misconfigured shared hosting environments High
CVE-2024-34002 was published for moodle/moodle (Composer) May 31, 2024
Symfony allows direct access of ESI URLs behind a trusted proxy High
CVE-2014-5245 was published for symfony/http-kernel (Composer) May 30, 2024
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module... High Unreviewed
CVE-2021-47403 was published May 21, 2024
Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects High
GHSA-cg34-w3fm-82h3 was published for scrapy (pip) May 20, 2024 withdrawn
eZ Platform User data disclosure High
GHSA-3g43-xfrw-pv5m was published for ezsystems/repository-forms (Composer) May 15, 2024
eZ Publish Information disclosure in backend content tree menu High
GHSA-cc2j-92jq-wgjg was published for ezsystems/ezpublish-legacy (Composer) May 15, 2024
Grafana Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins High
CVE-2022-39201 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana User enumeration via forget password High
CVE-2022-39307 was published for github.com/grafana/grafana (Go) May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the ... High Unreviewed
CVE-2024-33865 was published May 14, 2024
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth... High Unreviewed
CVE-2024-22269 was published May 14, 2024
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest... High Unreviewed
CVE-2024-22270 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database