Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,373 advisories

Loading
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
Information disclosure possible while audio playback. High Unreviewed
CVE-2017-18307 was published Nov 26, 2024
An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If... High Unreviewed
CVE-2024-38647 was published Nov 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. ... High Unreviewed
CVE-2024-45791 was published Nov 18, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... High Unreviewed
CVE-2024-8979 was published Nov 15, 2024
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-47915 was published Nov 14, 2024
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed
CVE-2024-7010 was published Oct 29, 2024
A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the... High Unreviewed
CVE-2024-6861 was published Nov 6, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an... High Unreviewed
CVE-2023-4215 was published Oct 17, 2023
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information... High Unreviewed
CVE-2024-9627 was published Oct 22, 2024
The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter. High Unreviewed
CVE-2023-22586 was published Jun 11, 2023
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information... High Unreviewed
CVE-2024-9821 was published Oct 12, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed
CVE-2024-9054 was published Oct 4, 2024
The "tokenKey" value used in user authorization is visible in the HTML source of the login page. High Unreviewed
CVE-2023-49261 was published Jan 12, 2024
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a... High Unreviewed
CVE-2024-43610 was published Oct 9, 2024
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-45245 was published Oct 6, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8... High Unreviewed
CVE-2023-3993 was published Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8,... High Unreviewed
CVE-2023-3413 was published Sep 29, 2023
The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based... High Unreviewed
CVE-2023-3705 was published Aug 24, 2023
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6... High Unreviewed
CVE-2023-39289 was published Aug 26, 2023
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... High Unreviewed
CVE-2024-25646 was published Apr 9, 2024
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,... High Unreviewed
CVE-2023-49580 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database