GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

225 advisories

Filter by severity

Sort by

Least recently updated

The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not... Unknown Unreviewed

CVE-2023-40457 was published Nov 11, 2024

This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs... High Unreviewed

CVE-2024-51560 was published Nov 4, 2024

HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive... Moderate Unreviewed

CVE-2024-30141 was published Nov 7, 2024

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a... Moderate Unreviewed

CVE-2021-47161 was published Mar 25, 2024

An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api... High Unreviewed

CVE-2024-39719 was published Oct 31, 2024

Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti... Moderate Unreviewed

CVE-2024-50512 was published Oct 30, 2024

HCL Sametime is impacted by the error messages containing sensitive information. An attacker can... Low Unreviewed

CVE-2023-50355 was published Oct 24, 2024

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows... Moderate Unreviewed

CVE-2024-44762 was published Oct 16, 2024

SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non... Moderate Unreviewed

CVE-2024-45713 was published Oct 17, 2024

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full... Moderate Unreviewed

CVE-2024-6551 was published Aug 29, 2024

An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed

CVE-2023-3362 was published Jul 13, 2023

An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8,... Moderate Unreviewed

CVE-2023-1210 was published Aug 2, 2023

The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions... Moderate Unreviewed

CVE-2024-6544 was published Sep 13, 2024

The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed

CVE-2024-7415 was published Sep 6, 2024

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed

CVE-2024-7426 was published Sep 25, 2024

The Statutory Reporting application has a vulnerable file storage location, potentially enabling... Moderate Unreviewed

CVE-2023-42475 was published Oct 10, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an... Moderate Unreviewed

CVE-2023-47152 was published Jan 22, 2024

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details... Moderate Unreviewed

CVE-2023-41365 was published Oct 10, 2023

Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed

CVE-2023-31429 was published Aug 1, 2023

An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15... Moderate Unreviewed

CVE-2024-5435 was published Sep 12, 2024

A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It... Moderate Unreviewed

CVE-2024-8571 was published Sep 8, 2024

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of... Critical Unreviewed

CVE-2024-28285 was published May 14, 2024

IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed

CVE-2023-47728 was published Aug 16, 2024

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-39751 was published Aug 6, 2024

A verbose error handling issue in the proxy service implemented in the GravityZone Update Server... Critical Unreviewed

CVE-2024-6980 was published Jul 31, 2024

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

225 advisories