Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8,469 advisories

A potential security vulnerability has been identified in Web ViewPoint Enterprise software.... High Unreviewed
CVE-2024-22435 was published Apr 15, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values... Moderate Unreviewed
CVE-2024-3774 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29839 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29841 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29842 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29843 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... High Unreviewed
CVE-2024-29840 was published Apr 15, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks... High Unreviewed
CVE-2024-30381 was published Apr 12, 2024
A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network... Low Unreviewed
CVE-2024-3689 was published Apr 12, 2024
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This... Moderate Unreviewed
CVE-2024-3706 was published Apr 12, 2024
phin may include sensitive headers in subsequent requests after redirect Moderate
GHSA-x565-32qp-m3vf was published for phin (npm) Apr 11, 2024
Information exposure vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1... High Unreviewed
CVE-2024-2740 was published Apr 11, 2024
By knowing an organization's ID, an attacker can join the organization without permission and... Critical Unreviewed
CVE-2024-1643 was published Apr 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact... Moderate Unreviewed
CVE-2024-31302 was published Apr 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons... Moderate Unreviewed
CVE-2024-31278 was published Apr 10, 2024
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output Low
GHSA-j5vm-7qcc-2wwg was published for github.com/kopia/kopia (Go) Apr 10, 2024
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted Moderate
CVE-2024-31464 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 10, 2024
Minder GetRepositoryByName data leak Moderate
CVE-2024-31455 was published for github.com/stacklok/minder (Go) Apr 9, 2024
eleftherias
Contao: Possible cookie sharing with external domains while checking protected pages for broken links High
CVE-2024-28235 was published for contao/core-bundle (Composer) Apr 9, 2024
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least... Moderate Unreviewed
CVE-2024-23662 was published Apr 9, 2024
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... High Unreviewed
CVE-2024-25646 was published Apr 9, 2024
Input verification vulnerability in the call module. Impact: Successful exploitation of this... Unknown Unreviewed
CVE-2024-27897 was published Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline Low
CVE-2024-30260 was published for undici (npm) Apr 4, 2024
Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability... Moderate Unreviewed
CVE-2024-3262 was published Apr 4, 2024
A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and... Moderate Unreviewed
CVE-2024-3274 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API