Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,094 advisories

Loading
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42337 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42338 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42339 was published Aug 25, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This... Moderate Unreviewed
CVE-2024-43283 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in bPlugins LLC Flash &... Moderate Unreviewed
CVE-2024-43319 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File... Moderate Unreviewed
CVE-2024-43230 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus... Moderate Unreviewed
CVE-2024-43258 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order... Moderate Unreviewed
CVE-2024-43259 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by... Moderate Unreviewed
CVE-2024-43264 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro... Moderate Unreviewed
CVE-2024-43251 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard -... Moderate Unreviewed
CVE-2024-43257 was published Aug 26, 2024
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in... Moderate Unreviewed
CVE-2024-6448 was published Aug 28, 2024
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server... Moderate Unreviewed
CVE-2021-22529 was published Aug 28, 2024
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for... Moderate Unreviewed
CVE-2024-7418 was published Aug 29, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6551 was published Aug 29, 2024
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-3679 was published Aug 29, 2024
The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-2541 was published Aug 29, 2024
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability Moderate
CVE-2024-45043 was published for github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver (Go) Aug 29, 2024
DouglasHeriot Aneurysm9
arminru
The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD Moderate
CVE-2024-43803 was published for github.com/metal3-io/baremetal-operator (Go) Sep 3, 2024
Permission control vulnerability in the software update module. Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-45450 was published Sep 4, 2024
Access control vulnerability in the camera framework module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-45447 was published Sep 4, 2024
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-8106 was published Sep 4, 2024
A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the... Moderate Unreviewed
CVE-2024-44820 was published Sep 4, 2024
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2024-20503 was published Sep 4, 2024
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-6835 was published Sep 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database