Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,776 advisories

Loading
Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on... Moderate Unreviewed
CVE-2024-39600 was published Jul 9, 2024
Under certain conditions SAP NetWeaver Application Server for ABAP and ABAP Platform allows an... Moderate Unreviewed
CVE-2024-37180 was published Jul 9, 2024
SAP Landscape Management allows an authenticated user to read confidential data disclosed by the... Moderate Unreviewed
CVE-2024-39593 was published Jul 9, 2024
A security vulnerability in HCL Domino could allow disclosure of sensitive configuration... Moderate Unreviewed
CVE-2024-23562 was published Jul 8, 2024
ZITADEL Vulnerable to Session Information Leakage Moderate
CVE-2024-39683 was published for github.com/zitadel/zitadel (Go) Jul 5, 2024
cybertransformer livio-a
fforootd Avolicious AmirhoseinBrz srividyaj
Credited to cybertransformer, livio-a, fforootd, Avolicious, AmirhoseinBrz, and srividyaj
GeoServer's Server Status shows sensitive environmental variables and Java properties Moderate
CVE-2024-34696 was published for org.geoserver.web:gs-web-app (Maven) Jul 1, 2024
miceg jodygarnett
Credited to miceg and jodygarnett
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2024-36986 was published Jul 1, 2024
VMware Workspace One UEM update addresses an information exposure vulnerability.  A malicious... Moderate Unreviewed
CVE-2024-22260 was published Jun 27, 2024
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5,... Moderate Unreviewed
CVE-2024-3115 was published Jun 27, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It... Moderate Unreviewed
CVE-2024-33880 was published Jun 24, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The... Moderate Unreviewed
CVE-2024-33881 was published Jun 24, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP... Moderate Unreviewed
CVE-2024-35776 was published Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event... Moderate Unreviewed
CVE-2024-5059 was published Jun 21, 2024
Lobe Chat API Key Leak Moderate
CVE-2024-37895 was published for @lobehub/chat (npm) Jun 17, 2024
zhuozhiyongde
Credited to zhuozhiyongde
Vulnerability of insufficient permission verification in the NearLink module Impact: Successful... Moderate Unreviewed
CVE-2024-5464 was published Jun 14, 2024
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information... Moderate Unreviewed
CVE-2024-0093 was published Jun 14, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions Moderate
CVE-2024-23445 was published for org.elasticsearch:elasticsearch (Maven) Jun 12, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-35263 was published Jun 11, 2024
Windows Cryptographic Services Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-30096 was published Jun 11, 2024
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with... Moderate Unreviewed
CVE-2024-5813 was published Jun 11, 2024
This allows the information exposure to unauthorized users. This issue affects NetIQ Access... Moderate Unreviewed
CVE-2020-11843 was published Jun 11, 2024
SAP NetWeaver AS Java (CAF - Guided Procedures) allows an unauthenticated user to access non... Moderate Unreviewed
CVE-2024-28164 was published Jun 11, 2024
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service... Moderate Unreviewed
CVE-2024-36307 was published Jun 11, 2024
This issue was addressed with improved environment sanitization. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-27806 was published Jun 10, 2024
An information disclosure issue was addressed by removing the vulnerable code. This issue is... Moderate Unreviewed
CVE-2022-32933 was published Jun 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database