GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
8,919 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.
...
Unknown
Unreviewed
CVE-2024-45791
was published
Nov 18, 2024
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow...
Moderate
Unreviewed
CVE-2022-20648
was published
Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce...
Moderate
Unreviewed
CVE-2024-8978
was published
Nov 15, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce...
High
Unreviewed
CVE-2024-8979
was published
Nov 15, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3502
was published
Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability...
Critical
Unreviewed
CVE-2024-3501
was published
Nov 14, 2024
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
High
Unreviewed
CVE-2024-47915
was published
Nov 14, 2024
Moodle IDOR when accessing list of badge recipients
Moderate
CVE-2024-48900
was published
for
moodle/moodle
(Composer)
Nov 13, 2024
Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier...
Unknown
Unreviewed
CVE-2024-10971
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46894
was published
Nov 12, 2024
Moodle has user information visibility control issues in gradebook reports
Low
CVE-2024-43429
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch...
Moderate
Unreviewed
CVE-2024-52032
was published
Nov 9, 2024
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-10352
was published
Nov 9, 2024
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2024-8756
was published
Nov 9, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the...
Critical
Unreviewed
CVE-2024-10285
was published
Nov 9, 2024
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information...
Low
Unreviewed
CVE-2024-48011
was published
Nov 8, 2024
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this...
Moderate
Unreviewed
CVE-2024-10965
was published
Nov 7, 2024
A vulnerability in the logging component of Cisco Unified Communications Manager IM &...
Moderate
Unreviewed
CVE-2024-20457
was published
Nov 6, 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated...
Moderate
Unreviewed
CVE-2024-20507
was published
Nov 6, 2024
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800...
Moderate
Unreviewed
CVE-2024-20445
was published
Nov 6, 2024
Gradio vulnerable to arbitrary file read with File and UploadButton components
Moderate
CVE-2024-51751
was published
for
gradio
(pip)
Nov 6, 2024
A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the...
High
Unreviewed
CVE-2024-6861
was published
Nov 6, 2024
A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325...
Moderate
Unreviewed
CVE-2024-10916
was published
Nov 6, 2024
Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient
Low
CVE-2024-50342
was published
for
symfony/http-client
(Composer)
Nov 6, 2024
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic...
Moderate
Unreviewed
CVE-2024-10084
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API