Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,469 advisories

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter... Moderate Unreviewed
CVE-2024-35682 was published Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC... Moderate Unreviewed
CVE-2024-35691 was published Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web... Moderate Unreviewed
CVE-2024-35710 was published Jun 8, 2024
Adminer file disclosure vulnerability High
GHSA-97h7-mf38-g9mf was published for vrana/adminer (Composer) Jun 7, 2024
Zend-developer-tools information disclosure vulnerability Moderate
GHSA-qg7m-mwxm-j3h7 was published for zendframework/zend-developer-tools (Composer) Jun 7, 2024
ZendFramework Information Disclosure and Insufficient Entropy vulnerability Moderate
GHSA-2fhr-8r8r-qp56 was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 Information Disclosure in Install Tool Moderate
GHSA-6487-3qvg-8px9 was published for typo3/cms (Composer) Jun 7, 2024
TYPO3 Information Disclosure of Installed Extensions Moderate
GHSA-f624-8hfq-5fh3 was published for typo3/cms (Composer) Jun 7, 2024
netplan leaks the private key of wireguard to local users. A security fix will be released soon. Moderate Unreviewed
CVE-2022-4968 was published Jun 7, 2024
In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure... Critical Unreviewed
CVE-2024-5133 was published Jun 6, 2024
Arbitrary system path lookup in h20 Moderate
CVE-2024-5550 was published for h2o (pip) Jun 6, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
Jupyter server on Windows discloses Windows user password hash High
CVE-2024-35178 was published for jupyter_server (pip) Jun 6, 2024
nvn1729
Password hash exposed in CraftCMS two factor authentication plugin Low
CVE-2024-5657 was published for born05/craft-twofactorauthentication (Composer) Jun 6, 2024
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows... Critical Unreviewed
CVE-2024-4008 was published Jun 5, 2024
BoringSSLAEADContext in Netty Repeats Nonces Moderate
CVE-2024-36121 was published for io.netty.incubator:netty-incubator-codec-ohttp (Maven) Jun 5, 2024
SalusaSecondus
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password... Moderate Unreviewed
CVE-2024-3716 was published Jun 5, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech... High Unreviewed
CVE-2024-1662 was published Jun 5, 2024
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can... Moderate Unreviewed
CVE-2024-4220 was published Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in All In One WP... Low Unreviewed
CVE-2023-52147 was published Jun 4, 2024
Typo3 Arbitrary File Disclosure in Form Component Moderate
GHSA-wrpf-2x8h-82gr was published for typo3/cms (Composer) Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Webcraftic Hide login... Low Unreviewed
CVE-2023-48335 was published Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in David Vongries... Low Unreviewed
CVE-2023-49822 was published Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.K.A.... Moderate Unreviewed
CVE-2023-49774 was published Jun 4, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPServeur,... Low Unreviewed
CVE-2023-49748 was published Jun 4, 2024
ProTip! Advisories are also available from the GraphQL API