GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,810 advisories
Filter by severity
Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API
Moderate
CVE-2024-42486
was published
for
github.com/cilium/cilium
(Go)
Aug 16, 2024
The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-7630
was published
Aug 16, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester Online...
Moderate
Unreviewed
CVE-2024-7842
was published
Aug 16, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate...
Moderate
Unreviewed
CVE-2024-7843
was published
Aug 16, 2024
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain...
Moderate
Unreviewed
CVE-2024-27731
was published
Aug 15, 2024
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with...
Moderate
Unreviewed
CVE-2024-31799
was published
Aug 15, 2024
The Newsletters plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to,...
Moderate
Unreviewed
CVE-2024-7411
was published
Aug 15, 2024
The ElementsKit Pro plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-7063
was published
Aug 15, 2024
A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux....
High
Unreviewed
CVE-2024-27120
was published
Aug 14, 2024
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms...
Moderate
Unreviewed
CVE-2024-42435
was published
Aug 14, 2024
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms...
Moderate
Unreviewed
CVE-2024-42434
was published
Aug 14, 2024
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms...
Moderate
Unreviewed
CVE-2024-39823
was published
Aug 14, 2024
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms...
Moderate
Unreviewed
CVE-2024-39824
was published
Aug 14, 2024
Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms...
Moderate
Unreviewed
CVE-2024-39822
was published
Aug 14, 2024
Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. ...
Moderate
Unreviewed
CVE-2024-41723
was published
Aug 14, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A....
Moderate
Unreviewed
CVE-2024-38742
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and...
High
Unreviewed
CVE-2024-38787
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon...
Moderate
Unreviewed
CVE-2024-38756
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment...
High
Unreviewed
CVE-2024-38747
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Maucher Send...
Moderate
Unreviewed
CVE-2024-38760
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive...
Moderate
Unreviewed
CVE-2024-38749
was published
Aug 13, 2024
In SAP Commerce, valid user accounts can be
identified during the customer registration and login...
Moderate
Unreviewed
CVE-2024-41733
was published
Aug 13, 2024
Under certain conditions SAP Permit to Work
allows an authenticated attacker to access...
Moderate
Unreviewed
CVE-2024-41736
was published
Aug 13, 2024
Some OCC API endpoints in SAP Commerce Cloud
allows Personally Identifiable Information (PII)...
High
Unreviewed
CVE-2024-33003
was published
Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability...
Moderate
Unreviewed
CVE-2024-37930
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API