GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,354 advisories
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized...
High
Unreviewed
CVE-2024-8777 was published Sep 16, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information...
High
Unreviewed
CVE-2024-3305 was published Sep 12, 2024
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when...
High
Unreviewed
CVE-2024-29968 was published Apr 19, 2024
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539 was published Jun 30, 2023
Vulnerability of package names' public keys not being verified in the security module. Successful...
High
Unreviewed
CVE-2023-44093 was published Oct 11, 2023
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Yordam Information...
High
Unreviewed
CVE-2024-6406 was published Sep 18, 2024
A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An...
High
Unreviewed
CVE-2024-40862 was published Sep 17, 2024
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and...
High
Unreviewed
CVE-2024-46938 was published Sep 16, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-22086 was published Oct 18, 2023
An External XML Entity (XXE) vulnerability in the provisioning web service of Ivanti EPM before...
High
Unreviewed
CVE-2024-37397 was published Sep 12, 2024
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web...
High
Unreviewed
CVE-2023-22019 was published Oct 18, 2023
The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before...
High
Unreviewed
CVE-2023-46315 was published Oct 23, 2023
An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain...
High
Unreviewed
CVE-2023-38845 was published Oct 26, 2023
Exposure of sensitive information due to incompatible policies issue exists in Pgpool-II. If a...
High
Unreviewed
CVE-2024-45624 was published Sep 12, 2024
An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2023-38846 was published Oct 26, 2023
An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2023-38847 was published Oct 26, 2023
The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain...
High
Unreviewed
CVE-2023-39736 was published Oct 25, 2023
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain...
High
Unreviewed
CVE-2023-39739 was published Oct 25, 2023
The leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the...
High
Unreviewed
CVE-2023-39735 was published Oct 25, 2023
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel...
High
Unreviewed
CVE-2023-39737 was published Oct 25, 2023
An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via...
High
Unreviewed
CVE-2023-38849 was published Oct 26, 2023
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
High
Unreviewed
CVE-2023-37232 was published Sep 10, 2024
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU...
High
Unreviewed
CVE-2019-14927 was published May 24, 2022
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. The device allows...
High
Unreviewed
CVE-2024-44408 was published Sep 6, 2024
An information disclosure vulnerability in the component users-grid-data.php of Ocomon before v4...
High
Unreviewed
CVE-2023-33558 was published Oct 26, 2023
ProTip! Advisories are also available from the GraphQL API