Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,044 advisories

Loading
A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01.... Moderate Unreviewed
CVE-2024-8460 was published Sep 5, 2024
A vulnerability, which was classified as problematic, was found in D-Link DNS-320 2.02b01. This... Moderate Unreviewed
CVE-2024-8461 was published Sep 5, 2024
The Remember Me Controls plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2024-7415 was published Sep 6, 2024
gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property Moderate
CVE-2024-45040 was published for github.com/consensys/gnark (Go) Sep 6, 2024
maltezellic
gnark's Groth16 commitment extension unsound for more than one commitment Moderate
CVE-2024-45039 was published for github.com/consensys/gnark (Go) Sep 6, 2024
maltezellic ivokub
Exposure of debug and metrics endpoints in Pomerium Moderate
CVE-2022-24797 was published for github.com/pomerium/pomerium (Go) Sep 6, 2024
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8538 was published Sep 7, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed
CVE-2024-37991 was published Sep 10, 2024
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4... Moderate Unreviewed
CVE-2024-31490 was published Sep 10, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Payara Platform... Moderate Unreviewed
CVE-2024-8097 was published Sep 11, 2024
An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to... Moderate Unreviewed
CVE-2024-41629 was published Sep 12, 2024
The Custom Post Limits plugin for WordPress is vulnerable to full path disclosure in all versions... Moderate Unreviewed
CVE-2024-6544 was published Sep 13, 2024
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability... Moderate Unreviewed
CVE-2024-44685 was published Sep 13, 2024
OMFLOW from The SYSCOM Group does not properly restrict the query range of its data query... Moderate Unreviewed
CVE-2024-8780 was published Sep 16, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw` Moderate
CVE-2024-45811 was published for vite (npm) Sep 17, 2024
adi1
OMFLOW from The SYSCOM Group has a vulnerability involving the exposure of sensitive data. This... Moderate Unreviewed
CVE-2024-8969 was published Sep 18, 2024
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users Moderate
CVE-2024-46979 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
Mautic allows users enumeration due to weak password login Moderate
CVE-2024-47059 was published for mautic/core (Composer) Sep 18, 2024
tomekkowalczyk patrykgruszka
escopecz rafibz007
ZITADEL Allows Unauthorized Access After Organization or Project Deactivation Moderate
CVE-2024-47060 was published for github.com/zitadel/zitadel/v2 (Go) Sep 19, 2024
prdp1137 livio-a
fforootd
ProTip! Advisories are also available from the GraphQL API