GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
169 advisories
Filter by severity
This issue was addressed with improvements to the noise injection algorithm. This issue is fixed...
Moderate
Unreviewed
CVE-2024-27850
was published
Jun 10, 2024
If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not...
Moderate
Unreviewed
CVE-2024-4767
was published
May 14, 2024
An issue in Foundation.app Foundation platform 1.0 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2023-50053
was published
Apr 30, 2024
An issue in FME Modules eventsmanager before 4.4.0 allows an attacker to obtain sensitive...
High
Unreviewed
CVE-2024-33271
was published
Apr 29, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-29987
was published
Apr 18, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-29986
was published
Apr 18, 2024
The Beaver Themer plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2023-6695
was published
Apr 9, 2024
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method
Moderate
CVE-2024-29888
was published
for
saleor
(pip)
Mar 28, 2024
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-48680
was published
Feb 27, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-26192
was published
Feb 24, 2024
The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is...
Moderate
Unreviewed
CVE-2023-7014
was published
Feb 6, 2024
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in...
Low
Unreviewed
CVE-2024-23211
was published
Jan 23, 2024
The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct...
Moderate
Unreviewed
CVE-2023-6630
was published
Jan 11, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low
Unreviewed
CVE-2023-42830
was published
Jan 11, 2024
The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser...
Moderate
Unreviewed
CVE-2023-25632
was published
Nov 27, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software...
High
Unreviewed
CVE-2023-5983
was published
Nov 22, 2023
When an AWS DynamoDB table is used for user attribute storage, it is possible to retrieve the...
Moderate
Unreviewed
CVE-2023-34085
was published
Oct 25, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API
High
CVE-2023-46128
was published
for
nautobot
(pip)
Oct 24, 2023
Sensitive information disclosure due to excessive collection of system information. The following...
Low
Unreviewed
CVE-2023-44213
was published
Oct 6, 2023
Sensitive information disclosure due to spell-jacking. The following products are affected:...
Moderate
Unreviewed
CVE-2023-44156
was published
Sep 27, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 before 15...
Moderate
Unreviewed
CVE-2023-1936
was published
Jul 11, 2023
XWiki Platform may show email addresses in clear in REST results
High
CVE-2023-35151
was published
for
org.xwiki.platform:xwiki-platform-rest-server
(Maven)
Jun 20, 2023
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media...
High
Unreviewed
CVE-2023-2703
was published
May 23, 2023
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series...
Moderate
Unreviewed
CVE-2023-22918
was published
Apr 24, 2023
ProTip!
Advisories are also available from the
GraphQL API