GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
6,044 advisories
Filter by severity
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to...
Moderate
Unreviewed
CVE-2023-40371
was published
Aug 24, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
Home Assistant vulnerable to account takeover via auth_callback login
Moderate
CVE-2023-41893
was published
for
homeassistant
(pip)
Oct 26, 2023
FreeIPA logs passwords embedded in commands in calls using batch
Moderate
CVE-2019-10195
was published
for
freeipa
(pip)
May 24, 2022
Exposure of Sensitive Information in EVE-SRP
Moderate
CVE-2020-36660
was published
for
EVE-SRP
(pip)
Feb 6, 2023
ZITADEL Allows Unauthorized Access After Organization or Project Deactivation
Moderate
CVE-2024-47060
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
Mautic allows users enumeration due to weak password login
Moderate
CVE-2024-47059
was published
for
mautic/core
(Composer)
Sep 18, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw`
Moderate
CVE-2024-45811
was published
for
vite
(npm)
Sep 17, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate
Unreviewed
CVE-2023-31429
was published
Aug 1, 2023
Django Data leakage via admin history log
Moderate
CVE-2013-0305
was published
for
Django
(pip)
May 5, 2022
org.xwiki.platform:xwiki-platform-notifications-ui leaks data of notification filters of users
Moderate
CVE-2024-46979
was published
for
org.xwiki.platform:xwiki-platform-notifications-ui
(Maven)
Sep 18, 2024
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
Django settings leak in date template filter
Moderate
CVE-2015-8213
was published
for
Django
(pip)
May 17, 2022
OMFLOW from The SYSCOM Group has a vulnerability involving the exposure of sensitive data. This...
Moderate
Unreviewed
CVE-2024-8969
was published
Sep 18, 2024
Dapr API Token Exposure
Moderate
CVE-2024-35223
was published
for
github.com/dapr/dapr
(Go)
May 22, 2024
An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an...
Moderate
Unreviewed
CVE-2024-6395
was published
Jul 17, 2024
A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive...
Moderate
Unreviewed
CVE-2024-6336
was published
Jul 17, 2024
Rapid7 Nexpose versions prior to 6.6.114 suffer from an information exposure issue whereby, when...
Moderate
Unreviewed
CVE-2019-5640
was published
Nov 23, 2021
Grafana Arbitrary File Read
Moderate
CVE-2019-19499
was published
for
github.com/grafana/grafana
(Go)
Jan 31, 2024
gnark commitments to private witnesses in Groth16 as implemented break zero-knowledge property
Moderate
CVE-2024-45040
was published
for
github.com/consensys/gnark
(Go)
Sep 6, 2024
OMFLOW from The SYSCOM Group does not properly restrict the query range of its data query...
Moderate
Unreviewed
CVE-2024-8780
was published
Sep 16, 2024
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The...
Moderate
Unreviewed
CVE-2024-33881
was published
Jun 24, 2024
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability...
Moderate
Unreviewed
CVE-2024-44685
was published
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API