GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
49 advisories
Filter by severity
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack...
High
Unreviewed
CVE-2024-37144
was published
Dec 10, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to...
High
Unreviewed
CVE-2024-47043
was published
Dec 6, 2024
Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023...
High
Unreviewed
CVE-2024-48939
was published
Nov 11, 2024
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for...
High
Unreviewed
CVE-2024-10028
was published
Nov 6, 2024
Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a...
High
Unreviewed
CVE-2024-48353
was published
Nov 1, 2024
Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server...
High
Unreviewed
CVE-2024-48352
was published
Nov 1, 2024
An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-48783
was published
Oct 15, 2024
An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-48770
was published
Oct 11, 2024
An issue was discovered in Atos Eviden SMC xScale before 1.6.6. During initialization of nodes,...
High
Unreviewed
CVE-2024-42018
was published
Oct 11, 2024
A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used...
High
Unreviewed
CVE-2024-39339
was published
Sep 18, 2024
Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)
High
CVE-2024-4540
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 10, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a...
High
Unreviewed
CVE-2024-22808
was published
Apr 22, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968
was published
Apr 19, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma...
High
Unreviewed
CVE-2023-42913
was published
Mar 28, 2024
The encrypted subject of an email message could be incorrectly and permanently assigned to an...
High
Unreviewed
CVE-2024-1936
was published
Mar 5, 2024
Missing permission checks on Hazelcast client protocol
High
CVE-2023-45859
was published
for
com.hazelcast:hazelcast
(Maven)
Feb 27, 2024
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according...
High
Unreviewed
CVE-2024-25728
was published
Feb 12, 2024
Intelbras Roteador ACtion RF 1200 1.2.2 esposes the Password in Cookie resulting in Login Bypass.
High
Unreviewed
CVE-2024-22773
was published
Feb 6, 2024
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to...
High
Unreviewed
CVE-2023-45182
was published
Dec 14, 2023
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows...
High
Unreviewed
CVE-2023-32184
was published
Sep 19, 2023
** UNSUPPPORTED WHEN ASSIGNED **
Sending some requests in the web application of the...
High
Unreviewed
CVE-2023-41965
was published
Sep 18, 2023
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information...
High
Unreviewed
CVE-2023-37879
was published
Sep 15, 2023
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile...
High
Unreviewed
CVE-2023-40728
was published
Sep 14, 2023
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions...
High
Unreviewed
CVE-2022-46484
was published
Aug 2, 2023
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate...
High
Unreviewed
CVE-2023-22687
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API