GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
163 advisories
Filter by severity
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the...
Critical
Unreviewed
CVE-2024-10285
was published
Nov 9, 2024
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that...
Critical
Unreviewed
CVE-2024-8884
was published
Oct 8, 2024
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,...
Critical
Unreviewed
CVE-2023-40622
was published
Sep 13, 2023
SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-30922
was published
Apr 18, 2024
An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the...
Critical
Unreviewed
CVE-2024-27113
was published
Sep 11, 2024
Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10...
Critical
Unreviewed
CVE-2012-6664
was published
Jun 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord...
Critical
Unreviewed
CVE-2024-1744
was published
Sep 6, 2024
A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service...
Critical
Unreviewed
CVE-2024-42019
was published
Sep 7, 2024
An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM...
Critical
Unreviewed
CVE-2024-38650
was published
Sep 7, 2024
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1....
Critical
Unreviewed
CVE-2023-49103
was published
Nov 22, 2023
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are...
Critical
Unreviewed
CVE-2024-6633
was published
Aug 27, 2024
An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability...
Critical
Unreviewed
CVE-2023-40276
was published
Mar 19, 2024
A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with...
Critical
Unreviewed
CVE-2023-39337
was published
Nov 15, 2023
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to...
Critical
Unreviewed
CVE-2024-42394
was published
Aug 6, 2024
TightVNC (Server for Windows) before 2.8.84 allows attackers to connect to the control pipe via a...
Critical
Unreviewed
CVE-2024-42049
was published
Jul 28, 2024
An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via...
Critical
Unreviewed
CVE-2023-40275
was published
Mar 19, 2024
** UNSUPPORTED WHEN ASSIGNED ** Exposure of Sensitive Information to an Unauthorized Actor...
Critical
Unreviewed
CVE-2024-27905
was published
Feb 27, 2024
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint...
Critical
Unreviewed
CVE-2021-3773
was published
Feb 17, 2022
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an
empty supported...
Critical
Unreviewed
CVE-2024-5535
was published
Jun 27, 2024
CWE-200: Information Exposure vulnerability exists that could cause disclosure of
credentials...
Critical
Unreviewed
CVE-2024-6407
was published
Jul 11, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software...
Critical
Unreviewed
CVE-2024-37113
was published
Jul 10, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure...
Critical
Unreviewed
CVE-2024-5133
was published
Jun 6, 2024
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4008
was published
Jun 5, 2024
E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remote...
Critical
Unreviewed
CVE-2024-4300
was published
Apr 29, 2024
ProTip!
Advisories are also available from the
GraphQL API