GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
1,616 advisories
Jupyter server on Windows discloses Windows user password hash
High • CVE-2024-35178 was published for jupyter_server (pip) • Jun 6, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech...
High • Unreviewed • CVE-2024-1662 was published • Jun 5, 2024

Duplicate Advisory: Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
High • GHSA-4vrx-8phj-x3mg was published for org.keycloak:keycloak-services (Maven) • Jun 3, 2024 • withdrawn

Moodle Authenticated LFI risk in some misconfigured shared hosting environments
High • CVE-2024-34002 was published for moodle/moodle (Composer) • May 31, 2024

Symfony allows direct access of ESI URLs behind a trusted proxy
High • CVE-2014-5245 was published for symfony/http-kernel (Composer) • May 30, 2024

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module...
High • Unreviewed • CVE-2021-47403 was published • May 21, 2024

Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects
High • GHSA-cg34-w3fm-82h3 was published for scrapy (pip) • May 20, 2024 • withdrawn

eZ Platform User data disclosure
High • GHSA-3g43-xfrw-pv5m was published for ezsystems/repository-forms (Composer) • May 15, 2024

eZ Publish Information disclosure in backend content tree menu
High • GHSA-cc2j-92jq-wgjg was published for ezsystems/ezpublish-legacy (Composer) • May 15, 2024

An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the ...
High • Unreviewed • CVE-2024-33865 was published • May 14, 2024

VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth...
High • Unreviewed • CVE-2024-22269 was published • May 14, 2024

VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest...
High • Unreviewed • CVE-2024-22270 was published • May 14, 2024

An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High • Unreviewed • CVE-2024-26026 was published • May 8, 2024

An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High • Unreviewed • CVE-2024-21793 was published • May 8, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR...
High • Unreviewed • CVE-2024-34388 was published • May 6, 2024

Section Camera V2.5.5.3116-S50-SMA-B20160811 and earlier versions allow the accounts and...
High • Unreviewed • CVE-2024-33753 was published • May 6, 2024

LG Simple Editor checkServer Authentication Bypass Vulnerability. This vulnerability allows...
High • Unreviewed • CVE-2023-40511 was published • May 3, 2024

LG Simple Editor getServerSetting Authentication Bypass Vulnerability. This vulnerability allows...
High • Unreviewed • CVE-2023-40510 was published • May 3, 2024

D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. This...
High • Unreviewed • CVE-2023-35750 was published • May 3, 2024

An issue in Vaales Technologies V_QRS v.2024-01-17 allows a remote attacker to obtain sensitive...
High • Unreviewed • CVE-2024-24313 was published • May 1, 2024

An issue in CYCZCAM, SHIX ZHAO, SHIXCAM A9 Camera (circuit board identifier A9-48B-V1.0) firmware...
High • Unreviewed • CVE-2024-25458 was published • May 1, 2024

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information...
High • Unreviewed • CVE-2024-29384 was published • Apr 30, 2024

An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote...
High • Unreviewed • CVE-2024-33309 was published • Apr 30, 2024

Cluster Monitoring Operator contains a credentials leak
High • CVE-2024-1139 was published for github.com/openshift/cluster-monitoring-operator (Go) • Apr 25, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP...
High • Unreviewed • CVE-2024-25917 was published • Apr 25, 2024

ProTip! Advisories are also available from the GraphQL API.