Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,094 advisories

Loading
The Bare Metal Operator (BMO) can expose particularly named secrets from other namespaces via BMH CRD Moderate
CVE-2024-43803 was published for github.com/metal3-io/baremetal-operator (Go) Sep 3, 2024
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability Moderate
CVE-2024-45043 was published for github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver (Go) Aug 29, 2024
DouglasHeriot Aneurysm9
arminru
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-3679 was published Aug 29, 2024
The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-2541 was published Aug 29, 2024
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for... Moderate Unreviewed
CVE-2024-7418 was published Aug 29, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6551 was published Aug 29, 2024
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server... Moderate Unreviewed
CVE-2021-22529 was published Aug 28, 2024
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in... Moderate Unreviewed
CVE-2024-6448 was published Aug 28, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File... Moderate Unreviewed
CVE-2024-43230 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard -... Moderate Unreviewed
CVE-2024-43257 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro... Moderate Unreviewed
CVE-2024-43251 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus... Moderate Unreviewed
CVE-2024-43258 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by... Moderate Unreviewed
CVE-2024-43264 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order... Moderate Unreviewed
CVE-2024-43259 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Contest Gallery.This... Moderate Unreviewed
CVE-2024-43283 was published Aug 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in bPlugins LLC Flash &... Moderate Unreviewed
CVE-2024-43319 was published Aug 26, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42337 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42338 was published Aug 25, 2024
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-42339 was published Aug 25, 2024
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to information exposure... Moderate Unreviewed
CVE-2024-6499 was published Aug 24, 2024
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users Moderate
CVE-2024-8072 was published for mage-ai (pip) Aug 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenText Performance... Moderate Unreviewed
CVE-2022-26327 was published Aug 21, 2024
The Flamix: Bitrix24 and Contact Form 7 integrations plugin for WordPress is vulnerable to Full... Moderate Unreviewed
CVE-2024-6568 was published Aug 21, 2024
The Hide My Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-5880 was published Aug 21, 2024
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2024-41698 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database