GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,366 advisories
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically...
High | Unreviewed | CVE-2024-5124 was published Jun 6, 2024

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack...
High | Unreviewed | CVE-2024-7010 was published Oct 29, 2024

Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an...
High | Unreviewed | CVE-2023-4215 was published Oct 17, 2023

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High | Unreviewed | CVE-2024-9627 was published Oct 22, 2024

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.
High | Unreviewed | CVE-2023-22586 was published Jun 11, 2023

The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information...
High | Unreviewed | CVE-2024-9821 was published Oct 12, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),...
High | Unreviewed | CVE-2024-9054 was published Oct 4, 2024

The "tokenKey" value used in user authorization is visible in the HTML source of the login page.
High | Unreviewed | CVE-2023-49261 was published Jan 12, 2024

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a...
High | Unreviewed | CVE-2024-43610 was published Oct 9, 2024

Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High | Unreviewed | CVE-2024-45245 was published Oct 6, 2024

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,...
High | Unreviewed | CVE-2023-3413 was published Sep 29, 2023

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8...
High | Unreviewed | CVE-2023-3993 was published Aug 2, 2023

The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based...
High | Unreviewed | CVE-2023-3705 was published Aug 24, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6...
High | Unreviewed | CVE-2023-39289 was published Aug 26, 2023

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High | Unreviewed | CVE-2024-25646 was published Apr 9, 2024

Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD...
High | Unreviewed | CVE-2023-37486 was published Aug 8, 2023

SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High | Unreviewed | CVE-2023-49580 was published Dec 12, 2023

Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated...
High | Unreviewed | CVE-2023-39214 was published Aug 9, 2023

The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes...
High | Unreviewed | CVE-2024-46471 was published Sep 27, 2024

An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote...
High | Unreviewed | CVE-2023-39620 was published Sep 8, 2023

This allows attackers to use a maliciously formed API request to gain access to an API...
High | Unreviewed | CVE-2024-1222 was published Mar 14, 2024

An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain...
High | Unreviewed | CVE-2023-42387 was published Sep 18, 2023

MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were...
High | Unreviewed | CVE-2023-39677 was published Sep 20, 2023

Data security classification vulnerability in the DDMP module. Successful exploitation of this...
High | Unreviewed | CVE-2023-41293 was published Sep 25, 2023

OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High | Unreviewed | CVE-2024-8777 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API