Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-49025 was published Nov 14, 2024
An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager... Moderate Unreviewed
CVE-2023-44255 was published Nov 12, 2024
Sensitive information disclosure due to spell-jacking. The following products are affected:... Moderate Unreviewed
CVE-2024-49386 was published Oct 17, 2024
An attacker with no knowledge of the current users in the web application, could build a... Moderate Unreviewed
CVE-2024-8891 was published Sep 18, 2024
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users Moderate
CVE-2024-46979 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
XWiki Platform document history including authors of any page exposed to unauthorized actors Moderate
CVE-2024-45591 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Sep 10, 2024
Xiqinger
Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an... Moderate Unreviewed
CVE-2024-44113 was published Sep 10, 2024
Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access... Moderate Unreviewed
CVE-2024-41729 was published Sep 10, 2024
Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal... Moderate Unreviewed
CVE-2024-37136 was published Sep 3, 2024
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior... Moderate Unreviewed
CVE-2024-6053 was published Aug 28, 2024
Matrix SDK for React's URL preview setting for a room is controllable by the homeserver Moderate
CVE-2024-42347 was published for matrix-react-sdk (npm) Aug 6, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-38103 was published Jul 26, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-29986 was published Apr 18, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-29987 was published Apr 18, 2024
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method Moderate
CVE-2024-29888 was published for saleor (pip) Mar 28, 2024
The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser... Moderate Unreviewed
CVE-2023-25632 was published Nov 27, 2023
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the... Moderate Unreviewed
CVE-2023-34085 was published Oct 25, 2023
Sensitive information disclosure due to spell-jacking. The following products are affected:... Moderate Unreviewed
CVE-2023-44156 was published Sep 27, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15... Moderate Unreviewed
CVE-2023-1936 was published Jul 11, 2023
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series... Moderate Unreviewed
CVE-2023-22918 was published Apr 24, 2023
Information exposure in microweber Moderate
CVE-2023-2239 was published for microweber/microweber (Composer) Apr 22, 2023
Exposure of Private Personal Information to an Unauthorized Actor in org.xwiki.platform:xwiki-platform-rest-server Moderate
CVE-2022-41936 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Nov 21, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA),... Moderate Unreviewed
CVE-2022-20942 was published Nov 4, 2022
There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription... Moderate Unreviewed
CVE-2022-0852 was published Aug 29, 2022
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier)... Moderate Unreviewed
CVE-2021-28559 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database