GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,780 advisories
Filter by severity
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could...
Low
Unreviewed
CVE-2024-30132
was published
Oct 1, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive...
Low
Unreviewed
CVE-2022-43845
was published
Sep 25, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Low
Unreviewed
CVE-2023-5359
was published
Sep 25, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone...
Low
Unreviewed
CVE-2023-51452
was published
Apr 2, 2024
** DISPUTED ** An Improper Input Validation vulnerability affecting the FTP service running on...
Low
Unreviewed
CVE-2023-6950
was published
Apr 2, 2024
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone...
Low
Unreviewed
CVE-2023-51453
was published
Apr 2, 2024
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of...
Low
Unreviewed
CVE-2024-42496
was published
Sep 30, 2024
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low
Unreviewed
CVE-2023-49578
was published
Dec 12, 2023
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low
Unreviewed
CVE-2023-32114
was published
Jun 13, 2023
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options...
Low
Unreviewed
CVE-2024-8258
was published
Sep 10, 2024
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with...
Low
Unreviewed
CVE-2024-45744
was published
Sep 27, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2...
Low
Unreviewed
CVE-2024-4099
was published
Sep 27, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3...
Low
Unreviewed
CVE-2024-8974
was published
Sep 27, 2024
The goTenna Pro ATAK Plugin does not encrypt the callsigns of its users.
These callsigns reveal...
Low
Unreviewed
CVE-2024-45838
was published
Sep 26, 2024
A vulnerability, which was classified as problematic, has been found in Enpass Password Manager...
Low
Unreviewed
CVE-2024-9203
was published
Sep 26, 2024
The goTenna pro series does not encrypt the callsigns of its users. These callsigns reveal...
Low
Unreviewed
CVE-2024-47124
was published
Sep 26, 2024
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted...
Low
Unreviewed
CVE-2024-8443
was published
Sep 10, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and...
Low
Unreviewed
CVE-2024-45843
was published
Sep 26, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when...
Low
Unreviewed
CVE-2024-47145
was published
Sep 26, 2024
This vulnerability potentially allows files on a PaperCut NG/MF server to be exposed using a...
Low
Unreviewed
CVE-2024-1221
was published
Mar 14, 2024
A privacy issue was addressed by moving sensitive data to a protected location. This issue is...
Low
Unreviewed
CVE-2024-40838
was published
Sep 17, 2024
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as...
Low
Unreviewed
CVE-2024-6061
was published
Jun 17, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as...
Low
Unreviewed
CVE-2024-6063
was published
Jun 17, 2024
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic....
Low
Unreviewed
CVE-2024-6062
was published
Jun 17, 2024
ProTip!
Advisories are also available from the
GraphQL API