GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,955

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,366 advisories

Filter by severity

Sort by

Least recently updated

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed

CVE-2024-7010 was published Oct 29, 2024

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information... High Unreviewed

CVE-2024-9627 was published Oct 22, 2024

The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information... High Unreviewed

CVE-2024-9821 was published Oct 12, 2024

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a... High Unreviewed

CVE-2024-43610 was published Oct 9, 2024

Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed

CVE-2024-45245 was published Oct 6, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed

CVE-2024-9054 was published Oct 4, 2024

The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes... High Unreviewed

CVE-2024-46471 was published Sep 27, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information... High Unreviewed

CVE-2024-6406 was published Sep 18, 2024

A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An... High Unreviewed

CVE-2024-40862 was published Sep 17, 2024

OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized... High Unreviewed

CVE-2024-8777 was published Sep 16, 2024

An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and... High Unreviewed

CVE-2024-46938 was published Sep 16, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information... High Unreviewed

CVE-2024-3305 was published Sep 12, 2024

Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a... High Unreviewed

CVE-2024-45624 was published Sep 12, 2024

An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed

CVE-2024-37397 was published Sep 12, 2024

Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. High Unreviewed

CVE-2023-37232 was published Sep 10, 2024

D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed

CVE-2024-44408 was published Sep 6, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo... High Unreviewed

CVE-2024-43289 was published Aug 26, 2024

An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The... High Unreviewed

CVE-2024-39344 was published Aug 21, 2024

Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed

CVE-2024-41700 was published Aug 20, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed

CVE-2024-42658 was published Aug 19, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed

CVE-2024-42657 was published Aug 19, 2024

A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux.... High Unreviewed

CVE-2024-27120 was published Aug 14, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment... High Unreviewed

CVE-2024-38747 was published Aug 13, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and... High Unreviewed

CVE-2024-38787 was published Aug 13, 2024

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII)... High Unreviewed

CVE-2024-33003 was published Aug 13, 2024

Previous 1 2 3 4 5 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,366 advisories