Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,776 advisories

Loading
Navidrome uses MD5 hashing algorithm Moderate
CVE-2024-41259 was published for github.com/navidrome/navidrome (Go) Aug 1, 2024
casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification Moderate
CVE-2024-41264 was published for github.com/casdoor/casdoor (Go) Aug 1, 2024
A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH... Moderate Unreviewed
CVE-2024-7339 was published Aug 1, 2024
The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information... Moderate Unreviewed
CVE-2024-6687 was published Aug 1, 2024
A vulnerability, which was classified as problematic, has been found in YouDianCMS 7. This issue... Moderate Unreviewed
CVE-2024-7328 was published Aug 1, 2024
Pimcore vulnerable to disclosure of system and database information behind /admin firewall Moderate
CVE-2024-41109 was published for pimcore/admin-ui-classic-bundle (Composer) Jul 30, 2024
mysliwietzflorian
Credited to mysliwietzflorian
AccuPOS - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-41701 was published Jul 30, 2024
Cybonet - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-41694 was published Jul 30, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 16.7.9 and... Moderate Unreviewed
CVE-2024-40793 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A... Moderate Unreviewed
CVE-2024-40804 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS... Moderate Unreviewed
CVE-2024-40823 was published Jul 30, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2024-40775 was published Jul 30, 2024
This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5,... Moderate Unreviewed
CVE-2024-27884 was published Jul 30, 2024
A vulnerability was found in TOTOLINK A3700R 9.1.2u.5822_B20200513 and classified as problematic.... Moderate Unreviewed
CVE-2024-7156 was published Jul 28, 2024
The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-5614 was published Jul 27, 2024
The Campaign Monitor for WordPress plugin for WordPress is vulnerable to Full Path Disclosure in... Moderate Unreviewed
CVE-2024-6569 was published Jul 27, 2024
The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-6566 was published Jul 27, 2024
The Add Admin CSS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up... Moderate Unreviewed
CVE-2024-6547 was published Jul 27, 2024
The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-6549 was published Jul 27, 2024
The One Click Close Comments plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-6546 was published Jul 27, 2024
The Admin Trim Interface plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-6545 was published Jul 27, 2024
The Add Admin JavaScript plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-6548 was published Jul 27, 2024
The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to... Moderate Unreviewed
CVE-2024-6573 was published Jul 27, 2024
A flaw was found in the Openshift console. Several endpoints in the application use the... Moderate Unreviewed
CVE-2024-7128 was published Jul 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5... Moderate Unreviewed
CVE-2024-7091 was published Jul 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database