GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,303
Erlang: 31
GitHub Actions: 21
Go: 2,071
Maven: 5,000+
npm: 3,744
NuGet: 669
pip: 3,430
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,378 advisories
Information disclosure due to uninitialized variable.
High | Unreviewed | CVE-2017-18306 was published Nov 26, 2024

WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing...
High | Unreviewed | CVE-2023-45912 was published Oct 18, 2023

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid...
High | Unreviewed | CVE-2023-24011 was published Jan 9, 2025

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid...
High | Unreviewed | CVE-2023-24010 was published Jan 9, 2025

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid...
High | Unreviewed | CVE-2023-24012 was published Jan 9, 2025

Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High | Unreviewed | CVE-2024-47922 was published Dec 30, 2024

A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0...
High | Unreviewed | CVE-2017-7923 was published May 17, 2022

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member...
High | Unreviewed | CVE-2024-8326 was published Dec 17, 2024

An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High | Unreviewed | CVE-2024-26026 was published May 8, 2024

An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note:...
High | Unreviewed | CVE-2024-21793 was published May 8, 2024

A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14...
High | Unreviewed | CVE-2024-23235 was published Mar 8, 2024

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated...
High | Unreviewed | CVE-2024-52323 was published Nov 27, 2024

Information disclosure possible while audio playback.
High | Unreviewed | CVE-2017-18307 was published Nov 26, 2024

An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If...
High | Unreviewed | CVE-2024-38647 was published Nov 22, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. ...
High | Unreviewed | CVE-2024-45791 was published Nov 18, 2024

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce...
High | Unreviewed | CVE-2024-8979 was published Nov 15, 2024

VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High | Unreviewed | CVE-2024-47915 was published Nov 14, 2024

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability...
High | Unreviewed | CVE-2023-34437 was published Oct 19, 2023

mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack...
High | Unreviewed | CVE-2024-7010 was published Oct 29, 2024

A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the...
High | Unreviewed | CVE-2024-6861 was published Nov 6, 2024

A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically...
High | Unreviewed | CVE-2024-5124 was published Jun 6, 2024

Advantech WebAccess version 9.1.3 contains an exposure of sensitive information to an...
High | Unreviewed | CVE-2023-4215 was published Oct 17, 2023

The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information...
High | Unreviewed | CVE-2024-9627 was published Oct 22, 2024

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.
High | Unreviewed | CVE-2023-22586 was published Jun 11, 2023

The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information...
High | Unreviewed | CVE-2024-9821 was published Oct 12, 2024

ProTip! Advisories are also available from the GraphQL API.