Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,773 advisories

Loading
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker... Moderate Unreviewed
CVE-2024-9539 was published Oct 11, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2024-39527 was published Oct 11, 2024
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-9538 was published Oct 11, 2024
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2024-8913 was published Oct 11, 2024
Gradio has several components with post-process steps allow arbitrary file leaks Moderate
CVE-2024-47868 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Credited to ahpaleus and Vasco-jofra
Magento Open Source Information Exposure vulnerability Moderate
CVE-2024-45134 was published for magento/community-edition (Composer) Oct 10, 2024
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 ... Moderate Unreviewed
CVE-2024-6747 was published Oct 10, 2024
Microsoft Office Spoofing Vulnerability Moderate Unreviewed
CVE-2024-43609 was published Oct 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StylemixThemes... Moderate Unreviewed
CVE-2024-47344 was published Oct 7, 2024
ZKteco – CWE 200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-45250 was published Oct 6, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed
CVE-2024-47848 was published Oct 5, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed
CVE-2024-20490 was published Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed
CVE-2024-20491 was published Oct 2, 2024
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission Moderate
CVE-2024-47805 was published for org.jenkins-ci.plugins:credentials (Maven) Oct 2, 2024
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates,... Moderate Unreviewed
CVE-2024-46548 was published Sep 30, 2024
MantisBT vulnerable to information disclosure with user profiles Moderate
CVE-2024-45792 was published for mantisbt/mantisbt (Composer) Sep 30, 2024
c-schmitz dregad
Credited to c-schmitz and dregad
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress... Moderate Unreviewed
CVE-2024-43237 was published Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed
CVE-2024-8516 was published Sep 25, 2024
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed
CVE-2024-7426 was published Sep 25, 2024
The MAS Static Content plugin for WordPress is vulnerable to Information Exposure in all versions... Moderate Unreviewed
CVE-2024-8483 was published Sep 25, 2024
The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-8801 was published Sep 25, 2024
Mautic allows users enumeration due to weak password login Moderate
CVE-2024-47059 was published for mautic/core (Composer) Sep 18, 2024
tomekkowalczyk patrykgruszka
escopecz rafibz007
Credited to tomekkowalczyk, patrykgruszka, escopecz, and rafibz007
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users Moderate
CVE-2024-46979 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
OMFLOW from The SYSCOM Group has a vulnerability involving the exposure of sensitive data. This... Moderate Unreviewed
CVE-2024-8969 was published Sep 18, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw` Moderate
CVE-2024-45811 was published for vite (npm) Sep 17, 2024
adi1
Credited to adi1
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database