GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+
8,552 advisories
Filter by severity
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an
empty supported...
Critical
Unreviewed
CVE-2024-5535
was published
Jun 27, 2024
An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5,...
Moderate
Unreviewed
CVE-2024-3115
was published
Jun 27, 2024
Exposure of secrets through system log in Jenkins Structs Plugin
Low
CVE-2024-39458
was published
for
org.jenkins-ci.plugins:structs
(Maven)
Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController...
High
Unreviewed
CVE-2024-5010
was published
Jun 25, 2024
udn News Android APP stores the user session in logcat file when user log into the APP. A...
Low
Unreviewed
CVE-2024-6294
was published
Jun 25, 2024
In the module "Axepta" (axepta) before 1.3.4 from Quadra Informatique for PrestaShop, a guest can...
High
Unreviewed
CVE-2024-34991
was published
Jun 25, 2024
Multiple directory traversal vulnerabilities in the TFTP Server in Distinct Intranet Servers 3.10...
Critical
Unreviewed
CVE-2012-6664
was published
Jun 22, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event...
Moderate
Unreviewed
CVE-2024-5059
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP...
Moderate
Unreviewed
CVE-2024-35776
was published
Jun 21, 2024
CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in...
High
Unreviewed
CVE-2024-22002
was published
Jun 18, 2024
Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec
Moderate
CVE-2024-22032
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information...
High
Unreviewed
CVE-2024-38467
was published
Jun 16, 2024
Vulnerability of insufficient permission verification in the NearLink module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-5464
was published
Jun 14, 2024
NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information...
Moderate
Unreviewed
CVE-2024-0093
was published
Jun 14, 2024
Cilium leaks sensitive information in cilium-bugtool
High
CVE-2024-37307
was published
for
github.com/cilium/cilium
(Go)
Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-30300
was published
Jun 13, 2024
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure...
High
Unreviewed
CVE-2024-30472
was published
Jun 13, 2024
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
Moderate
CVE-2024-23445
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 12, 2024
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37325
was published
Jun 11, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-35263
was published
Jun 11, 2024
Windows Cryptographic Services Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-30096
was published
Jun 11, 2024
A medium severity vulnerability in BIPS has been identified where an authenticated attacker with...
Moderate
Unreviewed
CVE-2024-5813
was published
Jun 11, 2024
This allows the information exposure to unauthorized users. This issue affects NetIQ Access...
Moderate
Unreviewed
CVE-2020-11843
was published
Jun 11, 2024
On Unix, SAP BusinessObjects Business
Intelligence Platform (Scheduling) allows an authenticated...
Low
Unreviewed
CVE-2024-34684
was published
Jun 11, 2024
ProTip!
Advisories are also available from the
GraphQL API