GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,469 advisories
A potential security vulnerability has been identified in Web ViewPoint Enterprise software....
High
Unreviewed
CVE-2024-22435
was published
Apr 15, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values...
Moderate
Unreviewed
CVE-2024-3774
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High
Unreviewed
CVE-2024-29839
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High
Unreviewed
CVE-2024-29841
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High
Unreviewed
CVE-2024-29842
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High
Unreviewed
CVE-2024-29843
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
High
Unreviewed
CVE-2024-29840
was published
Apr 15, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks...
High
Unreviewed
CVE-2024-30381
was published
Apr 12, 2024
A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network...
Low
Unreviewed
CVE-2024-3689
was published
Apr 12, 2024
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This...
Moderate
Unreviewed
CVE-2024-3706
was published
Apr 12, 2024
phin may include sensitive headers in subsequent requests after redirect
Moderate
GHSA-x565-32qp-m3vf
was published
for
phin
(npm)
Apr 11, 2024
Information exposure vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1...
High
Unreviewed
CVE-2024-2740
was published
Apr 11, 2024
By knowing an organization's ID, an attacker can join the organization without permission and...
Critical
Unreviewed
CVE-2024-1643
was published
Apr 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact...
Moderate
Unreviewed
CVE-2024-31302
was published
Apr 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons...
Moderate
Unreviewed
CVE-2024-31278
was published
Apr 10, 2024
Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output
Low
GHSA-j5vm-7qcc-2wwg
was published
for
github.com/kopia/kopia
(Go)
Apr 10, 2024
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted
Moderate
CVE-2024-31464
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Apr 10, 2024
Minder GetRepositoryByName data leak
Moderate
CVE-2024-31455
was published
for
github.com/stacklok/minder
(Go)
Apr 9, 2024
Contao: Possible cookie sharing with external domains while checking protected pages for broken links
High
CVE-2024-28235
was published
for
contao/core-bundle
(Composer)
Apr 9, 2024
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least...
Moderate
Unreviewed
CVE-2024-23662
was published
Apr 9, 2024
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High
Unreviewed
CVE-2024-25646
was published
Apr 9, 2024
Input verification vulnerability in the call module. Impact: Successful exploitation of this...
Unknown
Unreviewed
CVE-2024-27897
was published
Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
Low
CVE-2024-30260
was published
for
undici
(npm)
Apr 4, 2024
Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability...
Moderate
Unreviewed
CVE-2024-3262
was published
Apr 4, 2024
A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and...
Moderate
Unreviewed
CVE-2024-3274
was published
Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API