GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
1,616 advisories
Brocade SANnav before Brocade SANnav v2.3.1 lacks protection mechanisms on port 2377/TCP and...
High • Unreviewed • CVE-2024-4159 was published Apr 25, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid...
High • Unreviewed • CVE-2024-32816 was published Apr 24, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeHigh Email...
High • Unreviewed • CVE-2024-32781 was published Apr 24, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in vinoth06. Frontend...
High • Unreviewed • CVE-2024-32726 was published Apr 24, 2024

Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system...
High • Unreviewed • CVE-2023-38296 was published Apr 22, 2024

An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High • Unreviewed • CVE-2024-29968 was published Apr 19, 2024

A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav...
High • Unreviewed • CVE-2024-29961 was published Apr 19, 2024

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle...
High • Unreviewed • CVE-2024-21095 was published Apr 17, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AitThemes Citadela...
High • Unreviewed • CVE-2024-32086 was published Apr 16, 2024

The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object...
High • Unreviewed • CVE-2023-50872 was published Apr 16, 2024

Duplicate Advisory: Scrapy authorization header leakage on cross-domain redirect
High • GHSA-4q82-j5c2-g2c5 was published for scrapy (pip) Apr 16, 2024 • withdrawn

A vulnerability of Information Exposure has been found on Technicolor CGA2121 affecting the...
High • Unreviewed • CVE-2024-3780 was published Apr 15, 2024

A potential security vulnerability has been identified in Web ViewPoint Enterprise software....
High • Unreviewed • CVE-2024-22435 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High • Unreviewed • CVE-2024-29839 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High • Unreviewed • CVE-2024-29841 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High • Unreviewed • CVE-2024-29842 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High • Unreviewed • CVE-2024-29840 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High • Unreviewed • CVE-2024-29843 was published Apr 15, 2024

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks...
High • Unreviewed • CVE-2024-30381 was published Apr 12, 2024

An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the...
High • Unreviewed • CVE-2024-29400 was published Apr 12, 2024

Information exposure vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1...
High • Unreviewed • CVE-2024-2740 was published Apr 11, 2024

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive...
High • Unreviewed • CVE-2023-51142 was published Apr 11, 2024

Contao: Possible cookie sharing with external domains while checking protected pages for broken links
High • CVE-2024-28235 was published for contao/core-bundle (Composer) Apr 9, 2024

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High • Unreviewed • CVE-2024-25646 was published Apr 9, 2024

In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without...
High • Unreviewed • CVE-2024-31817 was published Apr 8, 2024
ProTip! Advisories are also available from the GraphQL API.