Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

9,027 advisories

Loading
CloudStack users can add and read comments (annotations) on resources they are authorised to... Moderate Unreviewed
CVE-2025-22828 was published Jan 13, 2025
HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response... Low Unreviewed
CVE-2024-42179 was published Jan 13, 2025
A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0.... Moderate Unreviewed
CVE-2025-0403 was published Jan 13, 2025
Mattermost leaks details of AD/LDAP groups of a teams Moderate
CVE-2024-23493 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Information disclosure due to uninitialized variable. High Unreviewed
CVE-2017-18306 was published Nov 26, 2024
The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-8899 was published Nov 26, 2024
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing... High Unreviewed
CVE-2023-45912 was published Oct 18, 2023
XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted Moderate
CVE-2024-31464 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 10, 2024
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2025-21592 was published Jan 9, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons... Moderate Unreviewed
CVE-2024-31278 was published Apr 10, 2024
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24010 was published Jan 9, 2025
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24012 was published Jan 9, 2025
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid... High Unreviewed
CVE-2023-24011 was published Jan 9, 2025
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12584 was published Jan 8, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-56443 was published Jan 8, 2025
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-56435 was published Jan 8, 2025
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor... Moderate Unreviewed
CVE-2024-12426 was published Jan 7, 2025
The BWD Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed
CVE-2024-12532 was published Jan 7, 2025
The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-11282 was published Jan 7, 2025
The Elementor Addons AI Addons – 70 Widgets, Premium Templates, Ultimate Elements plugin for... Moderate Unreviewed
CVE-2024-12140 was published Jan 7, 2025
The Optimize Your Campaigns – Google Shopping – Google Ads – Google Adwords plugin for WordPress... Moderate Unreviewed
CVE-2024-12159 was published Jan 7, 2025
The Member Access plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-11290 was published Jan 7, 2025
The Duplicate Post, Page and Any Custom Post plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-12538 was published Jan 7, 2025
fetch: Authorization headers not dropped when redirecting cross-origin High
CVE-2025-21620 was published for deno (Rust) Jan 6, 2025
rexxars
A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH... Moderate Unreviewed
CVE-2025-0224 was published Jan 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database