Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,354 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information... High Unreviewed
CVE-2024-6406 was published Sep 18, 2024
A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An... High Unreviewed
CVE-2024-40862 was published Sep 17, 2024
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized... High Unreviewed
CVE-2024-8777 was published Sep 16, 2024
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and... High Unreviewed
CVE-2024-46938 was published Sep 16, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information... High Unreviewed
CVE-2024-3305 was published Sep 12, 2024
Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a... High Unreviewed
CVE-2024-45624 was published Sep 12, 2024
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before... High Unreviewed
CVE-2024-37397 was published Sep 12, 2024
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor. High Unreviewed
CVE-2023-37232 was published Sep 10, 2024
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows... High Unreviewed
CVE-2024-44408 was published Sep 6, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo... High Unreviewed
CVE-2024-43289 was published Aug 26, 2024
An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The... High Unreviewed
CVE-2024-39344 was published Aug 21, 2024
Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-41700 was published Aug 20, 2024
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-42658 was published Aug 19, 2024
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-42657 was published Aug 19, 2024
A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux.... High Unreviewed
CVE-2024-27120 was published Aug 14, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Codection Import and... High Unreviewed
CVE-2024-38787 was published Aug 13, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment... High Unreviewed
CVE-2024-38747 was published Aug 13, 2024
Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information (PII)... High Unreviewed
CVE-2024-33003 was published Aug 13, 2024
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user... High Unreviewed
CVE-2024-7697 was published Aug 12, 2024
Microsoft Office Spoofing Vulnerability High Unreviewed
CVE-2024-38200 was published Aug 12, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a insufficiently filters... High Unreviewed
CVE-2024-42010 was published Aug 5, 2024
stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable... High Unreviewed
CVE-2024-6331 was published Aug 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Dylan James Zephyr... High Unreviewed
CVE-2024-38761 was published Aug 2, 2024
Priority PRI WEB Portal Add-On for Priority ERP on prem - CWE-200: Exposure of Sensitive... High Unreviewed
CVE-2024-41696 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API