GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
883 advisories
Filter by severity
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information...
Low
Unreviewed
CVE-2024-48011
was published
Nov 8, 2024
HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere...
Low
Unreviewed
CVE-2024-30106
was published
Oct 29, 2024
A vulnerability was found in code-projects Dormitory Management System 1.0. It has been rated as...
Low
Unreviewed
CVE-2024-0472
was published
Jan 13, 2024
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management...
Low
Unreviewed
CVE-2024-0716
was published
Jan 19, 2024
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user...
Low
Unreviewed
CVE-2024-30118
was published
Oct 9, 2024
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in...
Low
Unreviewed
CVE-2024-33506
was published
Oct 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16...
Low
Unreviewed
CVE-2023-5831
was published
Nov 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to...
Low
Unreviewed
CVE-2023-2620
was published
Jul 13, 2023
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Low
Unreviewed
CVE-2023-5359
was published
Sep 25, 2024
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for...
Low
Unreviewed
CVE-2024-8612
was published
Sep 20, 2024
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a...
Low
Unreviewed
CVE-2023-5081
was published
Jan 19, 2024
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-48680
was published
Feb 27, 2024
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-44213
was published
Oct 6, 2023
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local...
Low
Unreviewed
CVE-2023-6287
was published
Nov 27, 2023
A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM...
Low
Unreviewed
CVE-2023-52238
was published
Jul 9, 2024
HCL Connections contains a user enumeration vulnerability. Certain actions could allow an...
Low
Unreviewed
CVE-2024-23557
was published
Apr 18, 2024
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all...
Low
Unreviewed
CVE-2024-7060
was published
Jul 25, 2024
Under certain circumstances, when the controller is in factory reset mode waiting for initial...
Low
Unreviewed
CVE-2024-32754
was published
Jul 4, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to properly sanitize the recipients of a...
Low
Unreviewed
CVE-2024-39807
was published
Jul 3, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0 fail to sanitize the RemoteClusterFrame payloads...
Low
Unreviewed
CVE-2024-39353
was published
Jul 3, 2024
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on...
Low
Unreviewed
CVE-2023-38301
was published
Apr 22, 2024
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially...
Low
Unreviewed
CVE-2023-24069
was published
Jan 23, 2023
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain...
Low
Unreviewed
CVE-2016-3351
was published
May 14, 2022
udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low
Unreviewed
CVE-2024-6294
was published
Jun 25, 2024
On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated...
Low
Unreviewed
CVE-2024-34684
was published
Jun 11, 2024
ProTip!
Advisories are also available from the
GraphQL API