GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed 5,000+; Composer 3,985; Erlang 29; GitHub Actions 16; Go 1,774; Maven 5,000; npm 3,541; NuGet 617; pip 3,123; Pub 10; RubyGems 838; Rust 790; Swift 34
Unreviewed advisories: All unreviewed 5,000+
8,577 advisories
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Information Exposure in...
Moderate, Unreviewed, CVE-2024-6455 was published Jul 18, 2024

A validated user not explicitly authorized to have access to certain sensitive information could...
High, Unreviewed, CVE-2023-40159 was published Jul 18, 2024

Sentry's Python SDK unintentionally exposes environment variables to subprocesses
Low, CVE-2024-40647 was published for sentry-sdk (pip) Jul 18, 2024

Gotenberg provides a developer-friendly API to interact with powerful tools like Chromium and...
High, Unreviewed, CVE-2024-40639 was published Jul 17, 2024

A vulnerability in the protocol handlers of Cisco Webex App could allow an unauthenticated,...
Moderate, Unreviewed, CVE-2024-20396 was published Jul 17, 2024

Sylius has a security vulnerability via adjustments API endpoint
High, CVE-2024-40633 was published for sylius/sylius (Composer) Jul 17, 2024

Silverstripe Reports are still accessible even when `canView()` returns false
Moderate, CVE-2024-29885 was published for silverstripe/reports (Composer) Jul 17, 2024

An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an...
Moderate, Unreviewed, CVE-2024-6395 was published Jul 17, 2024

A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive...
Moderate, Unreviewed, CVE-2024-6336 was published Jul 17, 2024

Exposure of Sensitive Information to an Unauthorized Access vulnerability in OpenText NetIQ...
Moderate, Unreviewed, CVE-2020-25836 was published Jul 17, 2024

Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The...
High, Unreviewed, CVE-2022-45449 was published Jul 16, 2024

@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages)
Low, CVE-2024-39919 was published for @jmondi/url-to-png (npm) Jul 15, 2024

An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior...
Moderate, Unreviewed, CVE-2024-6398 was published Jul 15, 2024

CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials...
Critical, Unreviewed, CVE-2024-6407 was published Jul 11, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird...
Moderate, Unreviewed, CVE-2024-37504 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table &...
Moderate, Unreviewed, CVE-2024-37498 was published Jul 10, 2024

A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic....
Moderate, Unreviewed, CVE-2024-6646 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
High, Unreviewed, CVE-2024-37110 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack...
High, Unreviewed, CVE-2024-37115 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
Critical, Unreviewed, CVE-2024-37113 was published Jul 10, 2024

Decidim vulnerable to data disclosure through the embed feature
Moderate, CVE-2024-27090 was published for decidim (RubyGems) Jul 10, 2024

An unauthenticated remote attacker can read out sensitive device information through a...
High, Unreviewed, CVE-2024-6421 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0...
High, Unreviewed, CVE-2024-32670 was published Jul 10, 2024

Microsoft Message Queuing Information Disclosure Vulnerability
Moderate, Unreviewed, CVE-2024-38017 was published Jul 9, 2024

Windows Kernel Information Disclosure Vulnerability
Moderate, Unreviewed, CVE-2024-38041 was published Jul 9, 2024

ProTip! Advisories are also available from the GraphQL API