Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,635 advisories

Loading
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The... High Unreviewed
CVE-2022-45449 was published Jul 16, 2024
@jmondi/url-to-png enables capture screenshot of localhost web services (unauthenticated pages) Low
CVE-2024-39919 was published for @jmondi/url-to-png (npm) Jul 15, 2024
realArcherL
An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior... Moderate Unreviewed
CVE-2024-6398 was published Jul 15, 2024
CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials... Critical Unreviewed
CVE-2024-6407 was published Jul 11, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table &... Moderate Unreviewed
CVE-2024-37498 was published Jul 10, 2024
A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic.... Moderate Unreviewed
CVE-2024-6646 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird... Moderate Unreviewed
CVE-2024-37504 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack... High Unreviewed
CVE-2024-37115 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software... High Unreviewed
CVE-2024-37110 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software... Critical Unreviewed
CVE-2024-37113 was published Jul 10, 2024
Decidim vulnerable to data disclosure through the embed feature Moderate
CVE-2024-27090 was published for decidim (RubyGems) Jul 10, 2024
An unauthenticated remote attacker can read out sensitive device information through a... High Unreviewed
CVE-2024-6421 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0... High Unreviewed
CVE-2024-32670 was published Jul 10, 2024
Microsoft Outlook Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38020 was published Jul 9, 2024
Windows Themes Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38030 was published Jul 9, 2024
Microsoft Message Queuing Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-38017 was published Jul 9, 2024
Windows Kernel Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-38041 was published Jul 9, 2024
Windows NTLM Spoofing Vulnerability High Unreviewed
CVE-2024-30081 was published Jul 9, 2024
CSP violations generated links in the console tab of the developer tools, pointing to the... Moderate Unreviewed
CVE-2024-6612 was published Jul 9, 2024
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,... High Unreviewed
CVE-2023-52237 was published Jul 9, 2024
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM... Low Unreviewed
CVE-2023-52238 was published Jul 9, 2024
Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on... Moderate Unreviewed
CVE-2024-39600 was published Jul 9, 2024
Under certain conditions SAP NetWeaver Application Server for ABAP and ABAP Platform allows an... Moderate Unreviewed
CVE-2024-37180 was published Jul 9, 2024
SAP Landscape Management allows an authenticated user to read confidential data disclosed by the... Moderate Unreviewed
CVE-2024-39593 was published Jul 9, 2024
Directus Allows Single Sign-On User Enumeration High
CVE-2024-39896 was published for directus (npm) Jul 8, 2024
ProTip! Advisories are also available from the GraphQL API