GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,469 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter...
Moderate
Unreviewed
CVE-2024-35682
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC...
Moderate
Unreviewed
CVE-2024-35691
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web...
Moderate
Unreviewed
CVE-2024-35710
was published
Jun 8, 2024
Adminer file disclosure vulnerability
High
GHSA-97h7-mf38-g9mf
was published
for
vrana/adminer
(Composer)
Jun 7, 2024
Zend-developer-tools information disclosure vulnerability
Moderate
GHSA-qg7m-mwxm-j3h7
was published
for
zendframework/zend-developer-tools
(Composer)
Jun 7, 2024
ZendFramework Information Disclosure and Insufficient Entropy vulnerability
Moderate
GHSA-2fhr-8r8r-qp56
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
TYPO3 Information Disclosure in Install Tool
Moderate
GHSA-6487-3qvg-8px9
was published
for
typo3/cms
(Composer)
Jun 7, 2024
TYPO3 Information Disclosure of Installed Extensions
Moderate
GHSA-f624-8hfq-5fh3
was published
for
typo3/cms
(Composer)
Jun 7, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon.
Moderate
Unreviewed
CVE-2022-4968
was published
Jun 7, 2024
In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure...
Critical
Unreviewed
CVE-2024-5133
was published
Jun 6, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically...
High
Unreviewed
CVE-2024-5124
was published
Jun 6, 2024
Jupyter server on Windows discloses Windows user password hash
High
CVE-2024-35178
was published
for
jupyter_server
(pip)
Jun 6, 2024
Password hash exposed in CraftCMS two factor authentication plugin
Low
CVE-2024-5657
was published
for
born05/craft-twofactorauthentication
(Composer)
Jun 6, 2024
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical
Unreviewed
CVE-2024-4008
was published
Jun 5, 2024
BoringSSLAEADContext in Netty Repeats Nonces
Moderate
CVE-2024-36121
was published
for
io.netty.incubator:netty-incubator-codec-ohttp
(Maven)
Jun 5, 2024
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password...
Moderate
Unreviewed
CVE-2024-3716
was published
Jun 5, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech...
High
Unreviewed
CVE-2024-1662
was published
Jun 5, 2024
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can...
Moderate
Unreviewed
CVE-2024-4220
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP...
Low
Unreviewed
CVE-2023-52147
was published
Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component
Moderate
GHSA-wrpf-2x8h-82gr
was published
for
typo3/cms
(Composer)
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login...
Low
Unreviewed
CVE-2023-48335
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Vongries...
Low
Unreviewed
CVE-2023-49822
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A....
Moderate
Unreviewed
CVE-2023-49774
was published
Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur,...
Low
Unreviewed
CVE-2023-49748
was published
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API