Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,339
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

8,921 advisories

Loading
Graylog concurrent PDF report rendering can leak other users' reports High
CVE-2024-52506 was published for org.graylog:graylog-parent (Maven) Nov 18, 2024
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an... Moderate Unreviewed
CVE-2020-3525 was published Nov 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. ... High Unreviewed
CVE-2024-45791 was published Nov 18, 2024
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow... Moderate Unreviewed
CVE-2022-20648 was published Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... Moderate Unreviewed
CVE-2024-8978 was published Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... High Unreviewed
CVE-2024-8979 was published Nov 15, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3501 was published Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3502 was published Nov 14, 2024
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-47915 was published Nov 14, 2024
Moodle IDOR when accessing list of badge recipients Moderate
CVE-2024-48900 was published for moodle/moodle (Composer) Nov 13, 2024
Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier... Unknown Unreviewed
CVE-2024-10971 was published Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46894 was published Nov 12, 2024
Moodle has user information visibility control issues in gradebook reports Low
CVE-2024-43429 was published for moodle/moodle (Composer) Nov 11, 2024
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch... Moderate Unreviewed
CVE-2024-52032 was published Nov 9, 2024
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-10352 was published Nov 9, 2024
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-8756 was published Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the... Critical Unreviewed
CVE-2024-10285 was published Nov 9, 2024
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information... Low Unreviewed
CVE-2024-48011 was published Nov 8, 2024
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this... Moderate Unreviewed
CVE-2024-10965 was published Nov 7, 2024
A vulnerability in the logging component of Cisco Unified Communications Manager IM &amp;... Moderate Unreviewed
CVE-2024-20457 was published Nov 6, 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated... Moderate Unreviewed
CVE-2024-20507 was published Nov 6, 2024
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800... Moderate Unreviewed
CVE-2024-20445 was published Nov 6, 2024
Gradio vulnerable to arbitrary file read with File and UploadButton components Moderate
CVE-2024-51751 was published for gradio (pip) Nov 6, 2024
ifratric
A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the... High Unreviewed
CVE-2024-6861 was published Nov 6, 2024
A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325... Moderate Unreviewed
CVE-2024-10916 was published Nov 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database