Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

109,744 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird... Moderate Unreviewed
CVE-2024-37504 was published Jul 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table &... Moderate Unreviewed
CVE-2024-37498 was published Jul 10, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Croogo... Moderate Unreviewed
CVE-2024-6647 was published Jul 10, 2024
A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic.... Moderate Unreviewed
CVE-2024-6646 was published Jul 10, 2024
Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This... Moderate Unreviewed
CVE-2024-37205 was published Jul 10, 2024
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin... Moderate Unreviewed
CVE-2024-37270 was published Jul 10, 2024
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session... Moderate Unreviewed
CVE-2023-33860 was published Jul 10, 2024
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject... Moderate Unreviewed
CVE-2023-35006 was published Jul 10, 2024
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login... Moderate Unreviewed
CVE-2023-33859 was published Jul 10, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2024-20456 was published Jul 10, 2024
A vulnerability was found in WuKongOpenSource Wukong_nocode up to 20230807. It has been declared... Moderate Unreviewed
CVE-2024-6645 was published Jul 10, 2024
A vulnerability was found in zmops ArgusDBM up to 0.1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2024-6644 was published Jul 10, 2024
ServiceNow has addressed a sensitive file read vulnerability that was identified in the... Moderate Unreviewed
CVE-2024-5178 was published Jul 10, 2024
OpenSearch Observability does not properly restrict access to private tenant resources Moderate
CVE-2024-39901 was published for org.opensearch.plugin:opensearch-observability (Maven) Jul 10, 2024
Decidim cross-site scripting (XSS) in the admin panel Moderate
CVE-2024-27095 was published for decidim-admin (RubyGems) Jul 10, 2024
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.' Moderate Unreviewed
CVE-2024-40336 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-40328 was published Jul 10, 2024
Decidim vulnerable to data disclosure through the embed feature Moderate
CVE-2024-27090 was published for decidim (RubyGems) Jul 10, 2024
PrivateBin allows shortening of URLs for other domains Moderate
CVE-2024-39899 was published for privatebin/privatebin (Composer) Jul 10, 2024
nbxiglk0
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is... Moderate Unreviewed
CVE-2024-5664 was published Jul 10, 2024
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is... Moderate Unreviewed
CVE-2024-6556 was published Jul 10, 2024
Duplicate Advisory: Login by Auth0 plugin for WordPress vulnerable to Reflected Cross-Site Scripting Moderate
GHSA-52jw-f3jq-hhwg was published for auth0/wordpress (Composer) Jul 10, 2024 withdrawn
Cross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970... Moderate Unreviewed
CVE-2024-36453 was published Jul 10, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-6410 was published Jul 10, 2024
Django vulnerable to user enumeration attack Moderate
CVE-2024-39329 was published for Django (pip) Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API