GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,978
Erlang: 29
GitHub Actions: 16
Go: 1,768
Maven: 4,991
npm: 3,537
NuGet: 616
pip: 3,107
Pub: 10
RubyGems: 837
Rust: 786
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
8,563 advisories
CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials...
Critical | Unreviewed | CVE-2024-6407 was published Jul 11, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird...
Moderate | Unreviewed | CVE-2024-37504 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table &...
Moderate | Unreviewed | CVE-2024-37498 was published Jul 10, 2024

A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic....
Moderate | Unreviewed | CVE-2024-6646 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
Critical | Unreviewed | CVE-2024-37113 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
High | Unreviewed | CVE-2024-37110 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack...
High | Unreviewed | CVE-2024-37115 was published Jul 10, 2024

Decidim vulnerable to data disclosure through the embed feature
Moderate | CVE-2024-27090 was published for decidim (RubyGems) Jul 10, 2024

An unauthenticated remote attacker can read out sensitive device information through a...
High | Unreviewed | CVE-2024-6421 was published Jul 10, 2024

Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0...
High | Unreviewed | CVE-2024-32670 was published Jul 10, 2024

Microsoft Message Queuing Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2024-38017 was published Jul 9, 2024

Windows Kernel Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2024-38041 was published Jul 9, 2024

Microsoft Outlook Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-38020 was published Jul 9, 2024

CSP violations generated links in the console tab of the developer tools, pointing to the...
Moderate | Unreviewed | CVE-2024-6612 was published Jul 9, 2024

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,...
High | Unreviewed | CVE-2023-52237 was published Jul 9, 2024

A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM...
Low | Unreviewed | CVE-2023-52238 was published Jul 9, 2024

Under certain conditions SAP NetWeaver Application Server for ABAP and ABAP Platform allows an...
Moderate | Unreviewed | CVE-2024-37180 was published Jul 9, 2024

Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on...
Moderate | Unreviewed | CVE-2024-39600 was published Jul 9, 2024

SAP Landscape Management allows an authenticated user to read confidential data disclosed by the...
Moderate | Unreviewed | CVE-2024-39593 was published Jul 9, 2024

Directus Allows Single Sign-On User Enumeration
High | CVE-2024-39896 was published for directus (npm) Jul 8, 2024

A security vulnerability in HCL Domino could allow disclosure of sensitive configuration...
Moderate | Unreviewed | CVE-2024-23562 was published Jul 8, 2024

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose...
High | Unreviewed | CVE-2024-40597 was published Jul 7, 2024
ProTip! Advisories are also available from the GraphQL API