Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,722
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,946
Pub
13
RubyGems
1,055
Rust
1,338
Swift
54
Unreviewed advisories
All unreviewed
5,000+

150 advisories

Loading
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2024-27881 was published Jul 30, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-38103 was published Jul 26, 2024
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user... Low Unreviewed
CVE-2024-37533 was published Jul 24, 2024
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime... High Unreviewed
CVE-2024-30321 was published Jul 9, 2024
In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a... High Unreviewed
CVE-2024-36682 was published Jun 25, 2024
In the module "Login as customer PRO" (loginascustomerpro) <1.2.7 from Weblir for PrestaShop, a... High Unreviewed
CVE-2024-36677 was published Jun 19, 2024
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed... Moderate Unreviewed
CVE-2024-27850 was published Jun 10, 2024
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not... Moderate Unreviewed
CVE-2024-4767 was published May 14, 2024
An issue in Foundation.app Foundation platform 1.0 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-50053 was published Apr 30, 2024
An issue in FME Modules eventsmanager before 4.4.0 allows an attacker to obtain sensitive... High Unreviewed
CVE-2024-33271 was published Apr 29, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-29986 was published Apr 18, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-29987 was published Apr 18, 2024
The Beaver Themer plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2023-6695 was published Apr 9, 2024
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method Moderate
CVE-2024-29888 was published for saleor (pip) Mar 28, 2024
Sensitive information disclosure due to excessive collection of system information. The following... Low Unreviewed
CVE-2023-48680 was published Feb 27, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability High Unreviewed
CVE-2024-26192 was published Feb 24, 2024
The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is... Moderate Unreviewed
CVE-2023-7014 was published Feb 6, 2024
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in... Low Unreviewed
CVE-2024-23211 was published Jan 23, 2024
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed
CVE-2023-6630 was published Jan 11, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2023-42830 was published Jan 11, 2024
The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser... Moderate Unreviewed
CVE-2023-25632 was published Nov 27, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software... High Unreviewed
CVE-2023-5983 was published Nov 22, 2023
AsyncSSH Rogue Session Attack High
CVE-2023-46446 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor Credited to TrueSkrillor and lambdafu lambdafu lambdafu
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the... Moderate Unreviewed
CVE-2023-34085 was published Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database