GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,230
Composer 4,347
Erlang 31
GitHub Actions 22
Go 2,117
Maven 5,289
npm 3,768
NuGet 680
pip 3,457
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,675

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,384 advisories

Filter by severity

Sort by

Least recently updated

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information... High Unreviewed

CVE-2024-6406 was published Sep 18, 2024

A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An... High Unreviewed

CVE-2024-40862 was published Sep 17, 2024

OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized... High Unreviewed

CVE-2024-8777 was published Sep 16, 2024

An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and... High Unreviewed

CVE-2024-46938 was published Sep 16, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information... High Unreviewed

CVE-2024-3305 was published Sep 12, 2024

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a... High Unreviewed

CVE-2024-45624 was published Sep 12, 2024

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed

CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. High Unreviewed

CVE-2023-37232 was published Sep 10, 2024

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed

CVE-2024-44408 was published Sep 6, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo... High Unreviewed

CVE-2024-43289 was published Aug 26, 2024

An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The... High Unreviewed

CVE-2024-39344 was published Aug 21, 2024

Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed

CVE-2024-41700 was published Aug 20, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed

CVE-2024-42658 was published Aug 19, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed

CVE-2024-42657 was published Aug 19, 2024

A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux.... High Unreviewed

CVE-2024-27120 was published Aug 14, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and... High Unreviewed

CVE-2024-38787 was published Aug 13, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment... High Unreviewed

CVE-2024-38747 was published Aug 13, 2024

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII)... High Unreviewed

CVE-2024-33003 was published Aug 13, 2024

Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user... High Unreviewed

CVE-2024-7697 was published Aug 12, 2024

Microsoft Office Spoofing Vulnerability High Unreviewed

CVE-2024-38200 was published Aug 12, 2024

CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed

CVE-2024-42062 was published Aug 7, 2024

mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters... High Unreviewed

CVE-2024-42010 was published Aug 5, 2024

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable... High Unreviewed

CVE-2024-6331 was published Aug 4, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr... High Unreviewed

CVE-2024-38761 was published Aug 2, 2024

Priority PRI WEB Portal Add-On for Priority ERP on prem - CWE-200: Exposure of Sensitive... High Unreviewed

CVE-2024-41696 was published Jul 30, 2024

Previous 1 2 3 4 5 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,384 advisories