Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,468 advisories

A vulnerability of Information Exposure has been found on Technicolor CGA2121 affecting the... High Unreviewed
CVE-2024-3780 was published Apr 15, 2024
A potential security vulnerability has been identified in Web ViewPoint Enterprise software.... High Unreviewed
CVE-2024-22435 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29839 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29841 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29842 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29843 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29840 was published Apr 15, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks... High Unreviewed
CVE-2024-30381 was published Apr 12, 2024
Information exposure vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1... High Unreviewed
CVE-2024-2740 was published Apr 11, 2024
Contao: Possible cookie sharing with external domains while checking protected pages for broken links High
CVE-2024-28235 was published for contao/core-bundle (Composer) Apr 9, 2024
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... High Unreviewed
CVE-2024-25646 was published Apr 9, 2024
Information exposure vulnerability in the CIGESv2 system. A remote attacker might be able to... High Unreviewed
CVE-2024-2725 was published Mar 22, 2024
A Information Exposure Vulnerability has been found on Meta4 HR. This vulnerability allows an... High Unreviewed
CVE-2024-2632 was published Mar 19, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive... High Unreviewed
CVE-2024-27769 was published Mar 18, 2024
Insecure Variable Substitution in Vela High
CVE-2024-28236 was published for github.com/go-vela/worker (Go) Mar 14, 2024
gdiepen
This allows attackers to use a maliciously formed API request to gain access to an API... High Unreviewed
CVE-2024-1222 was published Mar 14, 2024
Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and... High Unreviewed
CVE-2024-1302 was published Mar 12, 2024
CasaOS-UserService allows unauthorized access to any file High
CVE-2024-24765 was published for github.com/IceWhaleTech/CasaOS-UserService (Go) Mar 6, 2024
Cp0204
Scrapy authorization header leakage on cross-domain redirect High
CVE-2024-3574 was published for scrapy (pip) Feb 15, 2024
ranjit-git
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability High Unreviewed
CVE-2024-21380 was published Feb 13, 2024
TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler High
CVE-2024-25121 was published for typo3/cms-core (Composer) Feb 13, 2024
ohader
Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could... High Unreviewed
CVE-2024-0242 was published Feb 8, 2024
Liferay Portal vulnerable to user impersonation High
CVE-2024-25148 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability High
CVE-2023-51437 was published for org.apache.pulsar:pulsar-broker-auth-sasl (Maven) Feb 7, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in InstaWP Team InstaWP... High Unreviewed
CVE-2024-23506 was published Jan 27, 2024
ProTip! Advisories are also available from the GraphQL API