Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,491 advisories

Loading
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... High Unreviewed
CVE-2024-13562 was published Jan 25, 2025
An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent... High Unreviewed
CVE-2024-43707 was published Jan 23, 2025
In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to... High Unreviewed
CVE-2024-49734 was published Jan 22, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed
CVE-2024-12142 was published Jan 17, 2025
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed
CVE-2025-0472 was published Jan 16, 2025
An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate... High Unreviewed
CVE-2024-48125 was published Jan 15, 2025
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24010 was published Jan 9, 2025
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24012 was published Jan 9, 2025
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24011 was published Jan 9, 2025
Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-47922 was published Dec 30, 2024
The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member... High Unreviewed
CVE-2024-8326 was published Dec 17, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
Information disclosure possible while audio playback. High Unreviewed
CVE-2017-18307 was published Nov 26, 2024
An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If... High Unreviewed
CVE-2024-38647 was published Nov 22, 2024
Local File Inclusion vulnerability in Vegam Solutions Vegam 4i v.6.3.47.0 and earlier allows a... High Unreviewed
CVE-2024-51163 was published Nov 20, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. ... High Unreviewed
CVE-2024-45791 was published Nov 18, 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... High Unreviewed
CVE-2024-8979 was published Nov 15, 2024
VaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2024-47915 was published Nov 14, 2024
A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the... High Unreviewed
CVE-2024-6861 was published Nov 6, 2024
mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack... High Unreviewed
CVE-2024-7010 was published Oct 29, 2024
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information... High Unreviewed
CVE-2024-9627 was published Oct 22, 2024
An issue in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7... High Unreviewed
CVE-2024-48824 was published Oct 14, 2024
An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to... High Unreviewed
CVE-2024-48799 was published Oct 14, 2024
An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to... High Unreviewed
CVE-2024-48798 was published Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database