GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,369 advisories
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... (High, Unreviewed; CVE-2024-8979 was published Nov 15, 2024)
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor (High, Unreviewed; CVE-2024-47915 was published Nov 14, 2024)
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... (High, Unreviewed; CVE-2023-34437 was published Oct 19, 2023)
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... (High, Unreviewed; CVE-2024-7010 was published Oct 29, 2024)
A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the... (High, Unreviewed; CVE-2024-6861 was published Nov 6, 2024)
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... (High, Unreviewed; CVE-2024-5124 was published Jun 6, 2024)
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an... (High, Unreviewed; CVE-2023-4215 was published Oct 17, 2023)
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information... (High, Unreviewed; CVE-2024-9627 was published Oct 22, 2024)
The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter. (High, Unreviewed; CVE-2023-22586 was published Jun 11, 2023)
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information... (High, Unreviewed; CVE-2024-9821 was published Oct 12, 2024)
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... (High, Unreviewed; CVE-2024-9054 was published Oct 4, 2024)
The "tokenKey" value used in user authorization is visible in the HTML source of the login page. (High, Unreviewed; CVE-2023-49261 was published Jan 12, 2024)
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a... (High, Unreviewed; CVE-2024-43610 was published Oct 9, 2024)
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor (High, Unreviewed; CVE-2024-45245 was published Oct 6, 2024)
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,... (High, Unreviewed; CVE-2023-3413 was published Sep 29, 2023)
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8... (High, Unreviewed; CVE-2023-3993 was published Aug 2, 2023)
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based... (High, Unreviewed; CVE-2023-3705 was published Aug 24, 2023)
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6... (High, Unreviewed; CVE-2023-39289 was published Aug 26, 2023)
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... (High, Unreviewed; CVE-2024-25646 was published Apr 9, 2024)
Under certain conditions SAP Commerce (OCC API) - versions HY_COM 2105, HY_COM 2205, COM_CLOUD... (High, Unreviewed; CVE-2023-37486 was published Aug 8, 2023)
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,... (High, Unreviewed; CVE-2023-49580 was published Dec 12, 2023)
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... (High, Unreviewed; CVE-2023-39214 was published Aug 9, 2023)
The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes... (High, Unreviewed; CVE-2024-46471 was published Sep 27, 2024)
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote... (High, Unreviewed; CVE-2023-39620 was published Sep 8, 2023)
This allows attackers to use a maliciously formed API request to gain access to an API... (High, Unreviewed; CVE-2024-1222 was published Mar 14, 2024)