Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,094 advisories

Loading
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates,... Moderate Unreviewed
CVE-2024-46548 was published Sep 30, 2024
Jenkins Credentials plugin reveals encrypted values of credentials to users with Extended Read permission Moderate
CVE-2024-47805 was published for org.jenkins-ci.plugins:credentials (Maven) Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker... Moderate Unreviewed
CVE-2024-20491 was published Oct 2, 2024
A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco... Moderate Unreviewed
CVE-2024-20490 was published Oct 2, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed
CVE-2024-47848 was published Oct 5, 2024
ZKteco – CWE 200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-45250 was published Oct 6, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StylemixThemes... Moderate Unreviewed
CVE-2024-47344 was published Oct 7, 2024
Microsoft Office Spoofing Vulnerability Moderate Unreviewed
CVE-2024-43609 was published Oct 8, 2024
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 ... Moderate Unreviewed
CVE-2024-6747 was published Oct 10, 2024
Magento Open Source Information Exposure vulnerability Moderate
CVE-2024-45134 was published for magento/community-edition (Composer) Oct 10, 2024
Gradio has several components with post-process steps allow arbitrary file leaks Moderate
CVE-2024-47868 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2024-8913 was published Oct 11, 2024
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-9538 was published Oct 11, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2024-39527 was published Oct 11, 2024
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker... Moderate Unreviewed
CVE-2024-9539 was published Oct 11, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2024-8902 was published Oct 12, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45739 was published Oct 14, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes... Moderate Unreviewed
CVE-2024-45738 was published Oct 14, 2024
The WPIDE – File Manager & Code Editor plugin for WordPress is vulnerable to Full Path Disclosure... Moderate Unreviewed
CVE-2024-9546 was published Oct 15, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-6757 was published Oct 15, 2024
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive... Moderate Unreviewed
CVE-2020-36835 was published Oct 16, 2024
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in... Moderate Unreviewed
CVE-2017-20194 was published Oct 16, 2024
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-9540 was published Oct 16, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-7417 was published Oct 17, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox... Moderate Unreviewed
CVE-2024-49284 was published Oct 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database